Support the ongoing development of →
Authentication Security
Last updated 1 year ago.

Hi, you can write your own controller for authenticate users, but before read this

seems like this

SomeController(SomeControllerRequest $request) {
  $validated = $request->validated();
  if (!Auth::attempt($validated)) { //if user don't authorized, then redirect to home
     return redirect('/home');
  } else {
     return redirect('/profile'); //if user authorized, then redirect to profile

If you wanna change table, then check auth.php file in config folder

   'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\User::class,

By default, Laravel uses the email field for authentication. If you would like to customize this, you may define a username method on your LoginController:

public function username()
    return 'username';
Last updated 4 years ago.

@YNG Thank you for your reply. I have read that documentation, but am still not understanding how custom tables and validations are made. The credentials I am checking are not a conventional username and password, but are instead a 'username' (with a different column name), and a four digit pin number.

Would changing the type of password to check again be the same as the username?

public function password() {
    return 'pin';

Also, I never found out of it's possible to use different auth guards and providers at the same time on a single application. The way my application is being built, I have three sections to it. One requires a username/password (the administrative side), and the other two sections (mdt and ems) both require a name + pin to login, but only one credential for each section. Would it be possible for the auth system to be built so one person could use all three logins at the same time on the site and access all three sections at once?

Last updated 4 years ago.

At the user model add this:

 * Get the password for the user.
 * @return string
public function getAuthPassword()
    return $this->someColumnInDatabaseWhereYouStorePassword;

For use custom guards you need this:

For authentication in laravel is responsible Auth facade, and in auth.php file you set model what used for it. By default used User model, you can see what this not typical model, they extends Illuminate\Foundation\Auth\User class

Last updated 4 years ago.

@YNG Yep, I figured the first part. The second part though, the custom guards, is that in response to being able to indicate which user can access which part of the site? I am thinking it may be easier to just make one authentication type and set a 'access' on a user in the table, and use like Auth::hasaccess('access-type') to see if they can access the route group or not.


@Ex0r you are talking about two different things

1 Authentication and 2 Authorisation

the first part can be done by creating your own user provider that extends the original user provider and just overrides the retrieveByCredentials(array $credentials); and validateCredentials(Authenticatable $user, array $credentials); functions

the second part can be solved by using laravels built in authorisation system also known as gates or if you want something fancier/advanced then you can have a look at

Hope this helps you along the way


So what I decided to do is share the same table for all types and just use a column 'type' at the authorization level, like

if (Auth::user()->access == 1)

When using php artisan make:auth it made all of the views, but didn't make the model or the controller. In attempting to try creating it manually, nothing is linked together now so I'm left with a broken Auth system. How can I fix it? I tried deleting all of the scaffolding and anything that said Auth, Login, or User inside of the app/ folder, then re-running the make:auth command but it just keeps recreating the views and nothing else.


Sign in to participate in this thread!


Your banner here too?

Ex0r ex0r Joined 16 Feb 2015


We'd like to thank these amazing companies for supporting us

Your logo here?

The Laravel portal for problem solving, knowledge sharing and community building.

© 2024 - All rights reserved.