whyounes / laravel-passwordless-auth
Laravel passwordless authentication for Laravel
Installs: 40
Dependents: 0
Suggesters: 0
Security: 0
Stars: 6
Watchers: 2
Forks: 0
Open Issues: 1
pkg:composer/whyounes/laravel-passwordless-auth
Requires
- php: ^5.5.9 || ^7.0
- illuminate/config: 5.1.* || 5.2.* || 5.3.*
- illuminate/database: 5.1.* || 5.2.* || 5.3.*
- illuminate/events: 5.1.* || 5.2.* || 5.3.*
Requires (Dev)
- mockery/mockery: ~0.9.4
- orchestra/testbench: ~3.0
- phpunit/phpunit: ^4.8 || ^5.0
This package is auto-updated.
Last update: 2025-09-29 02:06:03 UTC
README
Passwordless authentication for Laravel 5
Installation
Add the package to your project using Composer:
composer require whyounes/laravel-passwordless-auth
Publish package assets:
php artisan vandor:publish
Run the migration to create the tokens table:
php artisan migrate
Add it to you providers list:
// config/app.php // ... 'providers' => [ // ... Whyounes\Passwordless\Providers\PasswordlessProvider::class, };
Add the Passwordless trait to your user model:
// app/User.php class User extends Authenticatable { use Whyounes\Passwordless\Traits\Passwordless; // ... }
Configurations
If you don't want to use the user email along with the token, you can change it by overriding the following method:
// app/User.php class User extends Authenticatable { use Whyounes\Passwordless\Traits\Passwordless; // ... protected function getIdentifierKey() { return 'email'; } }
You can change the expiration time inside the config/passwordless.php file:
// config/passwordless.php return [ 'expire_in' => 15, // Minutes 'empty_tokens_after_login' => true // Empty user tokens after login ];
You can set the empty_tokens_after_login config to false if you don't want to delete unused tokens from DB.
Example
Display the login form for user to type the email:
// routes/web.php Route::post('/login/direct', function() { return view('login.direct'); });
Catch the form submission:
// routes/web.php Route::post('/login/direct', function(Request $request) { // send link to user mail $user = App\User::where('email', $request->get('email'))->first(); if (!$user) { return redirect()->back(404)->with('error', 'User not found'); } // generate token and save it $token = $user->generateToken(true); // send email to user \Mail::send("mails.login", ['token' => $token], function($message) use($token) { $message->to($token->user->email); }); });
Catch the login link request:
// routes/web.php Route::get('/login/{token}', function(Request $request, $token) { $user = App\User::where('email', $request->get('email'))->first(); if (!$user) { dd('User not found'); } if($user->isValidToken($token)) { // Login user Auth::login($user); } else { dd("Invalid token"); } });
Or, if you like working with exceptions:
// routes/web.php Route::get('/login/{token}', function(Request $request, $token) { try { $user = App\User::where('email', $request->get('email'))->firstOrFail(); $user->validateToken($token); Auth::login($user); } catch(Illuminate\Database\Eloquent\ModelNotFoundException $ex) { dd('User not found'); } catch(Whyounes\Passwordless\Exceptions\InvalidTokenException $ex) { dd("Invalid token"); } });