File in Laravel config/auth.php 'guards' Configuration

Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

We spend hours scrolling social media and waste money on things we forget, but won’t spend 30 minutes a day earning certifications that can change our lives.
Master in DevOps, SRE, DevSecOps & MLOps by DevOps School!

Learn from Guru Rajesh Kumar and double your salary in just one year.

The ‘guards’ array allows you to define multiple guards, each representing a different way to authenticate users. By default, Laravel provides two guards: ‘web’ and ‘api’.

‘web‘ Guard: The ‘web’ guard is used for authenticating users using session-based authentication. It is commonly used for web applications where users authenticate via a login form and the session is maintained throughout their browsing session. This guard uses Laravel’s default session driver for managing user sessions.

‘api‘ Guard: The ‘api’ guard is used for authenticating API requests using token-based authentication. It is typically used for stateless APIs where clients authenticate by sending an API token with each request. The ‘api’ guard uses token-based authentication mechanisms like JSON Web Tokens (JWT) or API tokens generated by Laravel’s Passport package.

You can also define custom guards in the ‘guards’ array according to your application’s requirements. For example, you might create a ‘admin’ guard to authenticate administrators separately from regular users.

Here’s an example configuration of the ‘guards’ array in config/auth.php:

‘guards’ => [ ‘web’ => [ ‘driver’ => ‘session’, ‘provider’ => ‘users’, ], ‘api’ => [ ‘driver’ => ‘token’, ‘provider’ => ‘users’, ], // Custom Guard ‘admin’ => [ ‘driver’ => ‘session’, ‘provider’ => ‘admins’, ], ],

Multiple Guards Example

‘guards’ => [ ‘web’ => [ ‘driver’ => ‘session’, ‘provider’ => ‘users’, ], ‘api’ => [ ‘driver’ => ‘token’, ‘provider’ => ‘api_users’, ], ‘admin’ => [ ‘driver’ => ‘session’, ‘provider’ => ‘admin_users’, ], ],

In this example, we have defined three guards:

‘web’: Uses the session driver and retrieves users from the ‘users’ provider.

‘api’: Uses the token driver and retrieves users from the ‘api_users’ provider.

‘admin’: Uses the session driver and retrieves users from the ‘admin_users’ provider.

Utilizing Guards in Laravel: Once you have defined multiple guards, you can utilize them in your application by specifying the guard name when performing authentication checks or specifying the guard in routes, controllers, or middleware.

if (Auth::guard(‘web’)->check()) { // User is authenticated using the ‘web’ guard } else { // User is not authenticated }

Route Middleware Example:

Route::group([‘middleware’ => ‘auth:api’], function () { // Routes that require authentication using the ‘api’ guard });

DevOps Support

Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

File in Laravel config/auth.php ‘guards’ Configuration

Upgrade & Secure Your Future with DevOps, SRE, DevSecOps, MLOps!

Related Posts

How to Generate a GitHub OAuth Token with Read/Write Permissions for Private Repositories

Laravel Error: Target class [DatabaseSeeder] does not exist – Solved for Laravel 10+

JWT (JSON Web Token) vs OAuth 2.0

Exploring and Creating a Proof of Concept (POC) to Upload APK Directly from GitHub Package

A Detailed Guide to CI/CD with GitHub Actions

Step-by-Step Guide for Setting Up Internal Testing in Google Play Console