Authentication
Noor provides a simple auth system using bcrypt password hashing and session-based logins.
Configuration
The auth system reads from config.php:
'auth' => [
'table' => 'users',
'username' => 'email',
'id' => 'id',
],
Your users table must have at minimum:
- An
idcolumn (integer primary key) - An
emailcolumn (or whateverusernameis set to) - A
passwordcolumn (stores bcrypt hashes)
Usage
Attempt Login
if (Auth::attempt(['email' => $request->email, 'password' => $request->password])) {
// Success — user is now logged in
return redirect('/dashboard');
}
return redirect('/login')->withErrors(['email' => ['Invalid credentials.']]);
Check Auth State
if (Auth::check()) { ... } // Logged in
if (Auth::guest()) { ... } // Not logged in
$user = Auth::user(); // The authenticated user object
$id = Auth::id(); // The authenticated user's ID
Direct Login / Logout
// Login without password verification
$user = DB::table('users')->find(1);
Auth::login($user);
// Logout
Auth::logout();
Register
$user = Auth::register([
'name' => $request->name,
'email' => $request->email,
'password' => $request->password, // Automatically hashed
]);
Auth::login($user);
Validate (without login)
if (Auth::validate(['email' => $email, 'password' => $password])) {
// Credentials are valid
}
Auth Middleware
Protect routes with middleware:
Route::get('/dashboard', $handler)->middleware('auth');
Route::get('/login', $handler)->middleware('guest');
Route::get('/settings', $handler)->middleware('auth');
// Group middleware
Route::group(['middleware' => ['auth']], function () {
Route::get('/dashboard', $handler);
Route::get('/profile', $handler);
});
Customize redirect URLs by modifying the middleware behavior in your route handlers.