{"flag":true,"single":true,"pageTitle":"login \/ register in laravel, Auth + Redirect user to login if not authenticated || login throttling \/ account lockout.","post":{"id":8,"user_id":"1","slug":"login-register-in-laravel-authentication-onby","title":"login \/ register in laravel, Auth + Redirect user to login if not authenticated || login throttling \/ account lockout.","body":"

With laravel we can <\/strong>make login, register pages and databases<\/p>\r\n

1.Run command <\/strong><\/p>\r\n

composer require laravel\/ui <\/code><\/pre>\r\n
it will create<\/p>\r\n
???? app\/Http\/Controllers\/Auth\/<\/strong><\/p>\r\n
    \r\n
  1. LoginController.php<\/li>\r\n
  2. RegisterController.php<\/li>\r\n
  3. ForgotPasswordController.php<\/li>\r\n
  4. ResetPasswordController.php<\/li>\r\n
  5. VerificationController.php<\/li>\r\n<\/ol>\r\n
    it will create ui package , views, migration, model controller<\/strong> create inside vendor\/laravel\/ui<\/strong><\/p>\r\n
    2. Run command <\/strong><\/p>\r\n
    php artisan ui bootstrap --auth\r\n<\/code><\/pre>\r\n
    bootstrap is optional if you want to use your own design<\/p>\r\n
    it will create controllers, views and routes for login, register, forget, and migrations.<\/p>\r\n
    Controllers<\/strong>: Creates authentication-related controllers (e.g., LoginController, RegisterController) in app\/Http\/Controllers\/Auth\/.<\/strong>
    Views<\/strong>: Generates Blade templates (e.g., login.blade.php, register.blade.php) in resources\/views\/auth\/.<\/strong>
    Routes<\/strong>: Adds authentication routes (e.g., \/login, \/register, \/logout) to routes\/web.php.
    Migrations<\/strong>: Creates a migration file for the users table (and possibly password_resets) in database\/migrations\/.<\/strong><\/p>\r\n
    3. Run migrations<\/strong><\/p>\r\n
    php artisan migrate<\/code><\/pre>\r\n
     <\/p>\r\n
     <\/p>\r\n
    AFTER THAT, Now you can Protect Routes , If user is not logged in → redirected to \/login<\/strong><\/p>\r\n
    Route::middleware(['auth'])->group(function () {\r\n\r\n    Route::get('\/dashboard', function () {\r\n        return view('dashboard');\r\n    });\r\n\r\n});\r\n<\/code><\/pre>\r\n
    Protect controller<\/p>\r\n
    public function __construct()\r\n{\r\n    $this->middleware('auth');\r\n}<\/code><\/pre>\r\n
    route prevent<\/p>\r\n
    Route::get('\/', function () {\r\n    return view('home');\r\n})->middleware('auth');\r\n<\/code><\/pre>\r\n
    Below commands 4,5 are optional, if you want to install bootsrap and compile then use these<\/strong><\/em><\/p>\r\n
    4.Run command , below commands is to make design and install bootstrap<\/p>\r\n
    npm install<\/code><\/pre>\r\n
    It installs JavaScript and CSS dependencies<\/strong> listed in your package.json file using npm (Node Package Manager) but they aren’t yet compiled or usable in your views until the next step.<\/p>\r\n
    5. Run command<\/p>\r\n
    npm run development<\/code><\/pre>\r\n
    It will compile all CSS, JavaScript, etc using Laravel Mix, which is a wrapper around Webpack.. 
    Compiles Bootstrap’s CSS and JavaScript (from node_modules<\/strong>\/) into a single public\/css\/app.css and public\/js\/app.js.<\/strong>
    Processes any custom JavaScript or Sass you’ve added in resources\/.
    You can include them in your Blade templates (e.g., <link href=\"{{ asset('css\/app.css') }}\" rel=\"stylesheet\">) to apply Bootstrap styling.<\/p>\r\n
    NOTE:<\/strong><\/p>\r\n
    IF there is any error run these commands<\/p>\r\n
    npm install --save-dev cross-env1\r\nOR\r\nrm -rf node_modules \/\/remove node modules\r\nrm package-lock.json yar.lock\r\nnpm cache clear --force\r\nnpm install\r\n\r\n<\/code><\/pre>\r\n
    Also run migrations<\/p>\r\n
    REDIRECT USER TO login page if not authenticated<\/strong><\/p>\r\n
    If you want to create a custom middleware to redirect users if they are not authenticated, you can create a RedirectIfNotAuthenticated middleware in Laravel. Here are the steps to implement it:
    1.Create a new middleware class by running the following command in your Laravel project's root directory:<\/p>\r\n
    php artisan make:middleware RedirectIfNotAuthenticated<\/code><\/pre>\r\n
    2. Open the app\/Http\/Middleware\/RedirectIfNotAuthenticated.php<\/strong> file and modify the handle method to redirect the user if they are not authenticated. Here's an example implementation:<\/p>\r\n
    <?php\r\nnamespace App\\Http\\Middleware;\r\nuse Closure;\r\nuse Illuminate\\Http\\Request;\r\nclass RedirectIfNotAuthenticated\r\n{\r\n    public function handle($request, Closure $next)\r\n    {\r\n        if (!auth()->check()) {\r\n           return redirect('\/login')->with(\"status\",\"Login First to access this page\");\r\n        }\r\n\r\n        return $next($request);\r\n    }\r\n}\r\n<\/code><\/pre>\r\n
    3. Register the middleware in the app\/Http\/Kernel.php file. Locate the $routeMiddleware <\/strong>property and add the following line:<\/p>\r\n
    'notAuth' => \\App\\Http\\Middleware\\RedirectIfNotAuthenticated::class,<\/code><\/pre>\r\n
    4. Now, you can apply the middleware to your routes or controllers using the notAuth <\/strong>middleware key. For example:<\/p>\r\n
    Route::controller(\\App\\Http\\Controllers\\AffliateController::class)->middleware(['notAuth'])->group(function () {\r\n    Route::get('affliate', 'index')->name('affliate');\r\n});<\/code><\/pre>\r\n
    In this example, the notAuth <\/strong>middleware is applied to a group of routes that should only be accessible to unauthenticated users.<\/p>\r\n
    By creating and using the RedirectIfNotAuthenticated middleware, you can easily redirect users who are not authenticated to a specific URL or route in your Laravel application.<\/p>\r\n
    ==================<\/strong>
                     LOGIC<\/strong>
    ==================<\/strong><\/p>\r\n
    app\/Http\/Controllers\/Auth\/LoginController.php<\/strong><\/p>\r\n
    use Illuminate\\Foundation\\Auth\\AuthenticatesUsers;\r\nclass LoginController extends Controller\r\n{\r\n    use AuthenticatesUsers; \r\n    protected $redirectTo = '\/home';\r\n}\r\n<\/code><\/pre>\r\n
    AuthenticatesUsers <\/strong>trait already contains full login logic:<\/p>\r\n
      \r\n
    1. Validate email & password<\/li>\r\n
    2. Check user in database<\/li>\r\n
    3. Compare hashed password<\/li>\r\n
    4. Create session<\/li>\r\n
    5. Redirect after login<\/li>\r\n<\/ol>\r\n
      =======================
      login throttling \/ account lockout
      <\/strong>=======================
      Laravel already has this feature built-in inside: Illuminate\\Foundation\\Auth\\AuthenticatesUsers
      <\/strong>It uses another trait internally: ThrottlesLogins<\/p>\r\n
      class LoginController extends Controller\r\n{\r\n    use AuthenticatesUsers;\r\n    protected $redirectTo = '\/dashboard'; \/\/after successfull login\r\n    protected $maxAttempts = 2; \/\/ allow only 2 attempts\r\n    protected $decayMinutes = 60; \/\/ lock for 60 minutes\r\n}<\/code><\/pre>\r\n
       Internally it use this file: vendor\/laravel\/framework\/src\/Illuminate\/Foundation\/Auth\/ThrottlesLogins.php<\/p>\r\n
      It uses:<\/p>\r\n
        \r\n
      1. Cache<\/li>\r\n
      2. IP + email combination<\/li>\r\n
      3. Rate limiter<\/li>\r\n<\/ol>\r\n
        If You Want Custom Error Message Override this method in LoginController<\/strong>:<\/p>\r\n
        protected function sendLockoutResponse(\\Illuminate\\Http\\Request $request)\r\n{\r\n    $seconds = $this->limiter()->availableIn(\r\n        $this->throttleKey($request)\r\n    );\r\n\r\n    $minutes = ceil($seconds \/ 60);\r\n\r\n    throw \\Illuminate\\Validation\\ValidationException::withMessages([\r\n        'email' => \"Too many login attempts. Please try again in $minutes minute(s).\"\r\n    ]);\r\n}\r\n<\/code><\/pre>\r\n
         <\/p>","category_id":"2","is_private":"0","created_at":"2023-03-14T04:16:12.000000Z","updated_at":"2026-02-18T06:29:36.000000Z","category":{"id":2,"user_id":"1","name":"Laravel Core","slug":"laravel-nhyt","parent_id":"1","created_at":"2023-03-14T03:58:27.000000Z","updated_at":"2023-03-20T11:30:50.000000Z"},"user":{"id":1,"name":"R GONDAL","email":"rizikmw@gmail.com","email_verified_at":null,"two_factor_confirmed_at":null,"current_team_id":"1","profile_photo_path":null,"created_at":"2023-03-12T10:49:33.000000Z","updated_at":"2025-01-10T12:59:00.000000Z","profile_photo_url":"https:\/\/ui-avatars.com\/api\/?name=R+G&color=7F9CF5&background=EBF4FF"}},"pageDesc":"With laravel we can make login, register pages and databases 1.Run command  composer require laravel\/ui  it will create ???? app\/Http\/C - login \/ register in laravel, Auth + Redirect user to login if not authenticated || login throttling \/ account lockout. (Updated: February 18, 2026) - Read more about login \/ register in laravel, Auth + Redirect user to login if not authenticated || login throttling \/ account lockout. at my programming site [SITE]","categories":[]}