User Registration And Login System In Laravel

Laravel provides built-in user registration and login system. Most of the developers are not aware of this built-in system (I was also one of them). When I came to know about this feature, I was surprised. It saves a lot of time from building a login and registration system from scratch.

In this article, we study the user registration and login system in Laravel – the built-in feature provided by Laravel itself.

As we all know login and registration process has below flow which usually needs to integrate.

  • User creates an account
  • Confirmation link will send on user’s email address
  • Once user click on confirmation link, they get activated on your system.
  • User log in to your website and can access the pages

All the above steps are covered in Laravel. You don’t need to write a code in order to build this user creation system.

Having said that, let’s take a look at user registration and login system In Laravel

Getting Started

For getting started, you should be ready with the Laravel project. If you don’t have it then create it by running the command:

Here ‘laravel-dev’ is the name of the Laravel project. The user can change this name.

Next, you have to integrate Laravel authentication. Head over to the project root directory in the terminal and run the below commands one by one:

These commands will create authentication controllers like LoginController.phpRegisterController.php, etc which you will find in the app/Http/Controllers/Auth directory. It also creates a views login.blade.phpregister.blade.php under resources/view/auth directory.

The above commands also creates a app.blade.php file under resources/views/layouts directory. This view is a base layout for the application. It uses the Bootstrap CSS framework but the user can customize it and change the design.

Run the migration command which will create a ‘users’ table in your database.

Now if you run the Laravel project on the browser, you will see the links for login and registration form.

At this stage, users can create their account and log in to the website. But as I mentioned above, before a user can access the system they should have confirmed their account.

In the next step, we will see how to perform the email verification process of a user.

Email Verification

While building a registration system, when user signup you send an activation link to users. This activation link will be used to verify the user account. Once, the user clicks on an activation link then we make that user active. In other words, after verifying the account user can browse the pages of your application.

Laravel provides a built-in system of the email verification process for a newly registered user. Using this system, a registered user will get an email with an activation link. Upon activating the account, the user will be able to access the system.

Open the App\User.php file and make sure ‘User’ model implements Illuminate\Contracts\Auth\MustVerifyEmail contract.

How does it work? If you check the migration file, ‘users’ table contains a email_verified_at column. This column will be used to verify whether the user has activated their account or not. If the account is activated, this column should have the date and time of activation.

When you run the authentication command, it creates an Auth\VerificationController class which has logic written to send verification links and verify emails. The developer can check this file. To register the necessary routes for this controller, write the below routes in the routes/web.php file.

Auth::routes([‘verify’ => true]);

The user can protect their routes which should be behind the login. To protect the routes, you need to apply middleware('verified') to those routes. After this, these protected routes can be accessed only by verified accounts.

You can write the code to protect route as follows:

Route::get(‘profile’, function () { return ‘

This is profile page

‘; })->middleware(‘verified’);

If you want to have control of where to redirect the user after verification then open the Auth\VerificationController file. The file has the variable $redirectTo which will use for redirection. Change this route as per your requirement.

protected $redirectTo = ‘/home’;

User Login and Registration

You are now ready to test the user login and registration system. As we are dealing with the signup process, your system should be able to send an email. You can use the Gmail SMTP server to send emails.

Start the local development server using the command:

Create an account of a user on registration page here – http://localhost:8000/register

Upon submission of a form, you will get the verification link on your email as follows:

Please note, Laravel allows you to log in to your account even if you did not verify the account yet. But you can’t access the protected route.

I have added middleware for the route profile. Without verifying the account if you try to visit the http://localhost:8000/profile page, it will redirect to the http://localhost:8000/email/verify URL.

Go ahead and verify your account. Check the ‘users’ table in the database and you will see email_verified_at column filled the date and time of activation. It means you have verified your account successfully. Now you should be able to access protected routes.

Dharmendra K