While Laravel offers excellent authentication packages like Jetstream, Breeze, Fortify, and UI, there are times when you need complete control over your authentication flow. In this tutorial, I’ll walk you through creating a custom login and registration system in Laravel 12 from scratch.
Why Build Custom Authentication?
Laravel’s built-in auth packages are fantastic for quick setups, but they come with predefined logic and styling. By building our own system, we gain:
- Complete control over the user flow
- Custom design implementation
- Tailored validation rules
- Flexibility to add unique features
Prerequisites
Before we begin, ensure you have:
- PHP 8.1+ installed
- Composer available globally
- Basic Laravel knowledge
Step 1: Setting Up the Laravel Project
If you haven’t already created your Laravel 12 project, run:
composer create-project laravel/laravel example-appThis command sets up a fresh Laravel installation. If you’re working with an existing project, you can skip this step.
Step 2: Configuring Routes
Our authentication system needs several routes to handle different actions. Open routes/web.php and add:
<?php
use Illuminate\Support\Facades\Route;
use App\Http\Controllers\Auth\AuthController;
Route::get('/', function () {
return view('welcome');
});
// Authentication Routes
Route::get('login', [AuthController::class, 'index'])->name('login');
Route::post('post-login', [AuthController::class, 'postLogin'])->name('login.post');
Route::get('registration', [AuthController::class, 'registration'])->name('register');
Route::post('post-registration', [AuthController::class, 'postRegistration'])->name('register.post');
Route::get('dashboard', [AuthController::class, 'dashboard']);
Route::get('logout', [AuthController::class, 'logout'])->name('logout');These routes cover:
- Login display and processing
- Registration display and processing
- Dashboard access
- Logout functionality
Step 3: Creating the Auth Controller
Now, let’s build our AuthController that will handle all authentication logic:
<?php
namespace App\Http\Controllers\Auth;
use App\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use Session;
use App\Models\User;
use Hash;
use Illuminate\View\View;
use Illuminate\Http\RedirectResponse;
class AuthController extends Controller
{
/**
* Display login page
*/
public function index(): View
{
return view('auth.login');
}
/**
* Display registration page
*/
public function registration(): View
{
return view('auth.registration');
}
/**
* Handle login form submission
*/
public function postLogin(Request $request): RedirectResponse
{
$request->validate([
'email' => 'required',
'password' => 'required',
]);
$credentials = $request->only('email', 'password');
if (Auth::attempt($credentials)) {
return redirect()->intended('dashboard')
->withSuccess('You have successfully logged in');
}
return redirect("login")->withError('Oops! You have entered invalid credentials');
}
/**
* Handle registration form submission
*/
public function postRegistration(Request $request): RedirectResponse
{
$request->validate([
'name' => 'required',
'email' => 'required|email|unique:users',
'password' => 'required|min:6',
]);
$data = $request->all();
$user = $this->create($data);
Auth::login($user);
return redirect("dashboard")->withSuccess('Great! You have successfully logged in');
}
/**
* Display dashboard for authenticated users
*/
public function dashboard()
{
if(Auth::check()){
return view('dashboard');
}
return redirect("login")->withSuccess('Oops! You do not have access');
}
/**
* Create new user
*/
public function create(array $data)
{
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => Hash::make($data['password'])
]);
}
/**
* Handle logout
*/
public function logout(): RedirectResponse
{
Session::flush();
Auth::logout();
return Redirect('login');
}
}Key features of our controller:
- Type-hinted return values for better IDE support
- Clear method separation for each action
- Proper validation and error handling
- Secure password hashing
- Session management
Step 4: Designing the Views
Login Page (resources/views/auth/login.blade.php)
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Laravel 12 Custom User Login</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" crossorigin="anonymous">
<style>
body { background: #F8F9FA; }
</style>
</head>
<body>
<section class="bg-light py-3 py-md-5">
<div class="container">
<div class="row justify-content-center">
<div class="col-12 col-sm-10 col-md-8 col-lg-6 col-xl-5 col-xxl-4">
<div class="card border border-light-subtle rounded-3 shadow-sm mt-5">
<div class="card-body p-3 p-md-4 p-xl-5">
<div class="text-center mb-3">
<a href="#!">
<img src="https://www.itsolutionstuff.com/assets/images/footer-logo-2.png" alt="Logo" width="250">
</a>
</div>
<h2 class="fs-6 fw-normal text-center text-secondary mb-4">Sign in to your account</h2>
<form method="POST" action="{{ route('login.post') }}">
@csrf
@session('error')
<div class="alert alert-danger" role="alert">
{{ $value }}
</div>
@endsession
<div class="row gy-2 overflow-hidden">
<div class="col-12">
<div class="form-floating mb-3">
<input type="email" class="form-control @error('email') is-invalid @enderror" name="email" id="email" placeholder="name@example.com" required>
<label for="email" class="form-label">{{ __('Email Address') }}</label>
</div>
@error('email')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="col-12">
<div class="form-floating mb-3">
<input type="password" class="form-control @error('password') is-invalid @enderror" name="password" id="password" value="" placeholder="Password" required>
<label for="password" class="form-label">{{ __('Password') }}</label>
</div>
@error('password')
<span class="invalid-feedback" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="col-12">
<div class="d-flex gap-2 justify-content-between">
<div class="form-check">
<input class="form-check-input" type="checkbox" value="" name="rememberMe" id="rememberMe">
<label class="form-check-label text-secondary" for="rememberMe">
Keep me logged in
</label>
</div>
<a href="#!" class="link-primary text-decoration-none">{{ __('Forgot password?') }}</a>
</div>
</div>
<div class="col-12">
<div class="d-grid my-3">
<button class="btn btn-primary btn-lg" type="submit">{{ __('Login') }}</button>
</div>
</div>
<div class="col-12">
<p class="m-0 text-secondary text-center">Don't have an account? <a href="{{ route('register') }}" class="link-primary text-decoration-none">Sign up</a></p>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</section>
</body>
</html>Registration Page (resources/views/auth/registration.blade.php)
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Laravel 12 Custom User Registration</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" crossorigin="anonymous">
<style>
body { background: #F8F9FA; }
</style>
</head>
<body>
<section class="bg-light py-3 py-md-5">
<div class="container">
<div class="row justify-content-center">
<div class="col-12 col-sm-10 col-md-8 col-lg-6 col-xl-5 col-xxl-4">
<div class="card border border-light-subtle rounded-3 shadow-sm">
<div class="card-body p-3 p-md-4 p-xl-5">
<div class="text-center mb-3">
<a href="#!">
<img src="https://www.itsolutionstuff.com/assets/images/footer-logo-2.png" alt="Logo" width="250">
</a>
</div>
<h2 class="fs-6 fw-normal text-center text-secondary mb-4">Create your account</h2>
<form method="POST" action="{{ route('register.post') }}">
@csrf
@session('error')
<div class="alert alert-danger" role="alert">
{{ $value }}
</div>
@endsession
<div class="row gy-2 overflow-hidden">
<div class="col-12">
<div class="form-floating mb-3">
<input type="text" class="form-control @error('name') is-invalid @enderror" name="name" id="name" placeholder="Your Name" required>
<label for="name" class="form-label">{{ __('Name') }}</label>
</div>
@error('name')
<span class="text-danger" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="col-12">
<div class="form-floating mb-3">
<input type="email" class="form-control @error('email') is-invalid @enderror" name="email" id="email" placeholder="name@example.com" required>
<label for="email" class="form-label">{{ __('Email Address') }}</label>
</div>
@error('email')
<span class="text-danger" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="col-12">
<div class="form-floating mb-3">
<input type="password" class="form-control @error('password') is-invalid @enderror" name="password" id="password" value="" placeholder="Password" required>
<label for="password" class="form-label">{{ __('Password') }}</label>
</div>
@error('password')
<span class="text-danger" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="col-12">
<div class="form-floating mb-3">
<input type="password" class="form-control @error('password_confirmation') is-invalid @enderror" name="password_confirmation" id="password_confirmation" value="" placeholder="Confirm Password" required>
<label for="password_confirmation" class="form-label">{{ __('Confirm Password') }}</label>
</div>
@error('password_confirmation')
<span class="text-danger" role="alert">
<strong>{{ $message }}</strong>
</span>
@enderror
</div>
<div class="col-12">
<div class="d-grid my-3">
<button class="btn btn-primary btn-lg" type="submit">{{ __('Register') }}</button>
</div>
</div>
<div class="col-12">
<p class="m-0 text-secondary text-center">Already have an account? <a href="{{ route('login') }}" class="link-primary text-decoration-none">Sign in</a></p>
</div>
</div>
</form>
</div>
</div>
</div>
</div>
</div>
</section>
</body>
</html>Dashboard Page (resources/views/dashboard.blade.php)
<!doctype html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title>Laravel 12 Custom Dashboard</title>
<link href="https://cdn.jsdelivr.net/npm/bootstrap@5.0.2/dist/css/bootstrap.min.css" rel="stylesheet" crossorigin="anonymous">
</head>
<body>
<main>
<div class="container py-4">
<header class="pb-3 mb-4 border-bottom">
<div class="row">
<div class="col-md-11">
<a href="/" class="d-flex align-items-center text-dark text-decoration-none">
<img src="https://www.itsolutionstuff.com/assets/images/logo-it-2.png" alt="Logo" width="300">
</a>
</div>
<div class="col-md-1">
<a class="dropdown-item" href="{{ route('logout') }}"
onclick="event.preventDefault();
document.getElementById('logout-form').submit();">
{{ __('Logout') }}
</a>
<form id="logout-form" action="{{ route('logout') }}" method="POST" class="d-none">
@csrf
</form>
</div>
</div>
</header>
<div class="p-5 mb-4 bg-light rounded-3">
<div class="container-fluid py-5">
@session('success')
<div class="alert alert-success" role="alert">
{{ $value }}
</div>
@endsession
<h1 class="display-5 fw-bold">Hi, {{ auth()->user()->name }}</h1>
<p class="col-md-8 fs-4">Welcome to your dashboard.<br/>This is your personalized space where you can manage your account and access exclusive features.</p>
<button class="btn btn-primary btn-lg" type="button">Get Started</button>
</div>
</div>
</div>
</main>
</body>
</html>Running the Application
With all our components in place, start the development server:
php artisan serveVisit http://localhost:8000/login in your browser to see your custom authentication system in action!
Conclusion
In this tutorial, we’ve built a complete custom authentication system in Laravel 12. We’ve covered:
- Setting up the Laravel project
- Creating custom routes for authentication
- Building a dedicated AuthController
- Designing beautiful, responsive views
- Implementing secure login, registration, and logout functionality
This approach gives you full control over your authentication flow while maintaining Laravel’s security features. You can now extend this system with additional features like email verification, password reset, or social login as needed.
Remember, while building custom auth gives you flexibility, always ensure you’re following security best practices when handling user credentials.
