Add login to your Laravel application

Auth0 allows you to quickly add authentication and gain access to user profile information in your application. This guide demonstrates how to integrate Auth0 with any new or existing Laravel web application using the Auth0 Laravel SDK.

To use Auth0 services, youโ€™ll need to have an application set up in the Auth0 Dashboard. The Auth0 application is where you will configure how you want authentication to work for the project you are developing.

Configure an application

Use the interactive selector to create a new Auth0 application or select an existing application that represents the project you want to integrate with. Every application in Auth0 is assigned an alphanumeric, unique client ID that your application code will use to call Auth0 APIs through the SDK.

Any settings you configure using this quickstart will automatically update for your Application in the Dashboard, which is where you can manage your Applications in the future.

If you would rather explore a complete configuration, you can view a sample application instead.

Configure Callback URLs

A callback URL is a URL in your application that you would like Auth0 to redirect users to after they have authenticated. If not set, users will not be returned to your application after they log in.

Configure Logout URLs

A logout URL is a URL in your application that you would like Auth0 to redirect users to after they have logged out. If not set, users will not be able to log out from your application and will receive an error.

Begin by setting up a new Laravel application. Open a shell and run the command below. Replace DIRECTORY_NAME with your preferred directory name to create and install in Laravel. The directory cannot already exist.

composer create-project --prefer-dist laravel/laravel DIRECTORY_NAME

This new directory is your project's root directory. As you work through this tutorial, run any instructed shell commands from within that directory.

Alternatively, you can download a sample project using the Download Sample button.

Install the Auth0's Laravel SDK to protect your new Laravel application's routes. The SDK offers a range of middleware types and router controllers which help integrate authentication and protect the application's routes.

In the project's root directory, use Composer to install the SDK in your application:

composer require auth0/login

Create the SDK's configuration file from the project's root directory. Use Laravel's the vendor:publish command to import the configuration file into the application:

php artisan vendor:publish --tag=auth0-config

Now, configure your Auth0 integration by adding options to the .env file in the project's root directory. Open the .env file and add some essential details for your project.

Now connect your Laravel application with the SDK so you can work with your Auth0 integration. For this connection, make changes to the config\auth.php file. This file contains different settings, but you only need to make a few small changes.

  • In the defaults section, set the default guard to auth0.
  • In the guards section, add a guard for auth0.
  • In the providers section, add a provider for auth0.

Set-up authentication routes with the SDK plug-and-play router controllers.

Inside routes/web.php:

  • Direct end users to the /login route to use Auth0's Universal Login page to authenticate with your application.
  • The /logout route redirects users to Auth0's logout endpoint and signs them out of your application.
  • The /auth0/callback route handles some important final authentication matters after the user logs in and aligns the user's local session with your application.

Configure the routes using the SDK's middleware to automatically protect parts of your application. For this type of application, two types of middleware are available:

  • auth0.authenticate.optional: This middleware resolves an available user session (allows access to the user's profile through the Auth::user() method) but won't block requests without a session. Thoses requests are treated as "guest" requests.
  • auth0.authenticate: This middleware rejects requests from end users that aren't authenticated and limits that route to requests from users with accounts.

Edit the routes/web.php file, and add the corresponding routes to that file.

Finally, create a few blade views you defined in those routes.

Create the resources/views/auth0/guest.blade.php file:

// ๐Ÿ“‚ resources/views/auth0/guest.blade.php

<!DOCTYPE html>
<html>
    <body>
        <p>You're a guest. <a href="{{ route('login') }}">Log in</a></p>
    </body>
</html>

And finally, let's create a resources/views/auth0/user.blade.php file:

// ๐Ÿ“‚ resources/views/auth0/user.blade.php

<!DOCTYPE html>
<html>
    <body>
        <p>Welcome! You are authenticated. <a href="{{ route('logout') }}">Log out</a></p>
        <div>
            <pre><?php print_r(Auth::user()) ?></pre>
        </div>
    </body>
</html>

In a real world application, you want to be more elaborate with your views, but this serves as a demonstration.

So far you have installed Laravel and the SDK, configured your application, and set up some routes โ€” all that's left is to try out our new application:

php artisan serve --port=3000

You're all set. Your new application is live and waiting for use. Give it a try by loading http://localhost:3000 in your web browser.

Checkpoint

Now that you have configured your Laravel application to use Auth0, run your application to verify that:

  • When users navigate to the /login route, they redirect to Auth0.
  • Users redirect back to your application after sucessfully entering their credentials, indicating they are authenticated.
  • Users not authenticated are prohibited from accessing the /required route.
  • When users navigate to the /logout route, they redirect to Auth0's logout endpoint and sign them out of our application.

Next Steps

Excellent work! If you made it this far, you should now have login, logout, and user profile information running in your application.

This concludes our quickstart tutorial, but there is so much more to explore. To learn more about what you can do with Auth0, check out:

  • Auth0 Dashboard - Learn how to configure and manage your Auth0 tenant and applications
  • laravel-auth0 SDK - Explore the SDK used in this tutorial more fully
  • Auth0 Marketplace - Discover integrations you can enable to extend Auth0โ€™s functionality

Did it work?

Any suggestion or typo?

Edit on GitHub
Sign Up

Sign up for an or to your existing account to integrate directly with your own tenant.