How to build a Project Management App in Laravel 5 – Part 3

Let’s continue from our last post. We ran all the migrations successfully.

Let’s go ahead to create our Authentication Pages

Create an Auth folder in your views directory.

Create two files namely register.blade.php and login.blade.php respectively.

Now go to your routes.php file and add this:

In this file, we have our different routes for the register and login links. Now, there is a better way of doing this, but I put this here for instant clarity. Later we would refactor. So just follow on for now.

uses refers to the method that will be called once when a user hits this route in the browser

as refers to an alias also called a named route that can just be used whenever we want to refer to this route in any part of our application.

middleware refers to a filter that is called just before the route is hit. In this instance, we are calling the inbuilt guest filter. This simply says  a non-registered user can comfortably put this route in the browser and there won’t be any issue. He/she would have access to these pages.

Create an AuthController.php file in your Controllers folder.




In the forms you’ll discover in the action attribute, we have a route function. That’s a helper function that Laravel provides for referencing our routes. In this instance, we are referencing our register and login routes and doing a post request to this routes.

$errors – This is where Laravel stores all the errors that occur as a result of a form submission that has rules applied to it and the user didn’t obey all the errors. We’ll be creating rules soonest, so you can fully understand how this works.

csrf_token() – Laravel provides this for forms to prevent cross-site request forgery.

old() – A helper function that Laravel provides to return the input a user has entered in a previous submission of a form so that the user doesn’t have to write it all over again.

Now, Let’s process our forms. Head over to the AuthController.php and add these methods:

These two methods pass in a $request variable which is an instance of the Request class. The Request class provides every detail of form requests in a Laravel application. So in this instance, we are using it to get the values of the form fields by just passing the name attributes of the different form fields.

The second argument to the validates method is an array of rules. The rules define how you specifically tell Laravel to process the form. In this case, we want the email, username and password field to be required, we also want the email and username values to be unique, thus Laravel checks the user input with the database to make sure no other user has that registered already. You can check the available rules that Laravel provides here.

User is a Facade that represents the User Model. The create method is one of the methods that can be called on the User Model. It allows for mass assignment of values, that simply means I can create several users here at once, but on one condition, the code below must be specified in the User Model.


In User.php, we have the $fillable array. This contains the names of the database columns of the users table that we want to give the ability to be mass-assignable.

In this instance, ours would be username, email and password. 

In the postLogin method, we have

The Auth Facade that Laravel provides has several methods that you can call on it. One of such is the attempt method. It takes in two arguments. The first argument is an array of the fields you want to do actual validation of against the database. In the background, it simply queries the database with the email and password values to check if any other user already has those details. If it’s present, it returns false, if not it returns true. The second argument is the remember me functionality. If the remember me checkbox was ticked in the form, then it passes a value of true to the attempt method, otherwise false. When the user clicks login, if the remember me checkbox was ticked, Laravel creates a session cookie in the browser for that particular user. If the user leaves the application without logging out, when the user returns, Laravel just validates if the cookie is still there, if it is…then the user won’t have to login again.


Check your console and verify.

Now, when the user signs in, if it is successful, the user would be redirected to the index page ( a.k.a homepage ) with a message else the user would be shown the appropriate message like we specified.

Let’s quickly hop back to the User Model and add this method to fetch the user’s avatar from gravatar.


$this->email gets the user’s email from the email column in the user table. This method simply fetches an  avatar from the popular gravatar service using the user’s email as a parameter. If the user has no avatar, it still returns a default avatar.

Now Back to the homepage

Now, the homepage still shows the signup and register button when the User signs in. Let’s take care of that

Back to our index page index.blade.php . Replace the former content with this:

Let’s look at some of the changes we made.

We added Auth::check(). check() is another method that Laravel provides on the Auth facade. It checks if a user is currently logged in. It returns true if a user is currently logged in and false if otherwise.

In our app, if a user is logged in, it no longer shows the signup and signin buttons, It goes ahead to show the dashboard.

Auth::user() provides the details of a user once he/she is logged in. So you can access all the column names and properties of the user table  from this function. Here we wanted to show the username, all we did was Auth::user()->username. Is that not cool? :smile:

Auth::user()->getAvatarUrl() helps get the getAvatarUrl() method we implemented in the User Model. That method helps get the user’s avatar from gravatar. If the user doesn’t have any image on the gravatar service, it returns a default avatar.

Note: Head over to your master.blade.php and link this file dashboard.css like so:

You can get the file here


Head over to your AuthController.php and add the logout method:

Go to routes.php and add this:

Now, if you click on the Sign Out link in the dashboard, our app will log out the user.


We have implemented our authentication system in a breeze. Let’s take a deep breath and give ourselves a high-five!.  Got get yourself some coffee while you wait for the next post :smile:

Please if you have any questions or observations, feel free to drop it in the comments section below. 



Food Ninja, Code Slinger, Technical Trainer, Accidental Writer, Open Source Advocate and Developer Evangelist.