Download the PHP package grosv/laravel-passwordless-login without Composer
On this page you can find all versions of the php package grosv/laravel-passwordless-login. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download grosv/laravel-passwordless-login
More information about grosv/laravel-passwordless-login
Files in grosv/laravel-passwordless-login
Package laravel-passwordless-login
Short Description Passwordless login using temporary signed URL
License MIT
Informations about the package laravel-passwordless-login
Laravel Passwordless Login
A simple, safe magic login link generator for Laravel
This package provides a temporary signed route that logs in a user. What it does not provide is a way of actually sending the link to the route to the user. This is because I don't want to make any assumptions about how you communicate with your users.
Installation
Simple Usage
Using A Trait
Because some sites have more than one user-type model (users, admins, etc.), you can use a trait to set up the default configurations for each user type. The methods below are provided by the trait, so you only need to include the ones for which you want to use a different value.
If you are using the PasswordlessLogin Trait, you can generate a link using the defaults defined in the trait by simply calling createPasswordlessLoginLink()
on the user you want to log in.
The biggest mistake I could see someone making with this package is creating a login link for one user and sending it to another. Please be careful and test your code. I don't want anyone getting mad at me for someone else's silliness.
Configuration
You can publish the config file or just set the values you want to use in your .env file:
LPL_USER_MODEL
is the the authenticatable model you are logging in (usually App\User)
LPL_REMEMBER_LOGIN
is whether you want to remember the login (like the user checking Remember Me)
LPL_LOGIN_ROUTE
is the route that points to the login function this package provides. Make sure you don't collide with one of your other routes.
LPL_LOGIN_ROUTE_NAME
is the name of the LPL_LOGIN_ROUTE. Again, make sure it doesn't collide with any of your existing route names.
LPL_LOGIN_ROUTE_EXPIRES
is the number of minutes you want the link to be good for. I recommend you set the shortest value that makes sense for your use case.
LPL_REDIRECT_ON_LOGIN
is where you want to send the user after they've logged in by clicking their magic link.
LPL_USE_ONCE
is whether you want a link to expire after first use (uses cache to store used links)
LPL_INVALID_SIGNATURE_MESSAGE
is a custom message sent when we abort with a 401 status on an invalid or expired link. You can also add some custom logic on how to deal with invalid or expired links by handling InvalidSignatureException
and ExpiredSignatureException
in your Handler.php
file.
Reporting Issues
For security issues, please email me directly at [email protected]. For any other problems, use the issue tracker here.
Contributing
I welcome the community's help with improving and maintaining all my packages. Just be nice to each other. Remember we're all just trying to do our best.