parvezmia/laravel-passwordless-auth
Composer 安装命令:
composer require parvezmia/laravel-passwordless-auth
包简介
A secure, user-friendly Laravel package for passwordless authentication via magic links
关键字:
README 文档
README
A simple, secure passwordless authentication system for Laravel applications. This package provides a complete solution for implementing magic link authentication in your Laravel projects.
Installation
You can install the package via composer:
composer require parvezmia/laravel-passwordless-auth
Configuration
After installation, publish the package assets:
php artisan vendor:publish --provider="ParvezMia\LaravelPasswordlessAuth\PasswordlessAuthServiceProvider"
This will publish:
- Configuration file
- Migration file
- View templates
- Route definitions
Configuration Options
The published configuration file (config/passwordless-auth.php) contains the following options:
return [ // Time in minutes before a login token expires 'token_expiration' => 15, // Where to redirect users after successful login 'redirect_on_login' => '/dashboard', // Length of the generated security token 'token_length' => 64, // User model to use for authentication 'user_model' => \App\Models\User::class, // Field to use as login identifier (typically email) 'login_identifier' => 'email', // Email template for login links 'email_view' => 'passwordless-auth::emails.login-link', ];
Database Setup
Run the migrations to create the necessary database tables:
php artisan migrate
This creates a login_tokens table to store the temporary login tokens.
Queue Configuration
This package uses Laravel's queue system to send emails asynchronously for better performance. To configure the queue:
- Set up your preferred queue driver in your .env file:
QUEUE_CONNECTION=database
- If using the database driver, run the queue migration:
php artisan queue:table
php artisan migrate
- Start the queue worker:
php artisan queue:work
Route Integration
To include the passwordless authentication routes in your application, add the following line to your routes/web.php file:
require __DIR__.'/passwordless-auth.php';
Available Routes
The package provides the following routes:
| Method | URI | Name | Description |
|---|---|---|---|
| GET | /login/passwordless | passwordless.login | Displays the login form |
| POST | /login/passwordless | passwordless.send | Processes the login request and sends link |
| GET | /login/passwordless/verify/{token} | passwordless.verify | Verifies token and logs user in |
| POST | /logout | passwordless.logout | Logs the user out |
Email Configuration
For the email functionality to work properly, ensure your Laravel application has proper email configuration in your .env file:
MAIL_MAILER=smtp
MAIL_HOST=your-smtp-host
MAIL_PORT=587
MAIL_USERNAME=your-username
MAIL_PASSWORD=your-password
MAIL_ENCRYPTION=tls
MAIL_FROM_ADDRESS=your-email@example.com
MAIL_FROM_NAME="${APP_NAME}"
Customization
Publishing Specific Components
You can publish specific components of the package:
# Publish only configuration php artisan vendor:publish --provider="ParvezMia\LaravelPasswordlessAuth\PasswordlessAuthServiceProvider" --tag="config" # Publish only migrations php artisan vendor:publish --provider="ParvezMia\LaravelPasswordlessAuth\PasswordlessAuthServiceProvider" --tag="migrations" # Publish only views php artisan vendor:publish --provider="ParvezMia\LaravelPasswordlessAuth\PasswordlessAuthServiceProvider" --tag="views" # Publish only routes php artisan vendor:publish --provider="ParvezMia\LaravelPasswordlessAuth\PasswordlessAuthServiceProvider" --tag="routes" # Publish only email-related files php artisan vendor:publish --provider="ParvezMia\LaravelPasswordlessAuth\PasswordlessAuthServiceProvider" --tag="email" # Publish only controllers php artisan vendor:publish --provider="ParvezMia\LaravelPasswordlessAuth\PasswordlessAuthServiceProvider" --tag="controllers" # Publish only models php artisan vendor:publish --provider="ParvezMia\LaravelPasswordlessAuth\PasswordlessAuthServiceProvider" --tag="models" # Publish all components at once php artisan vendor:publish --provider="ParvezMia\LaravelPasswordlessAuth\PasswordlessAuthServiceProvider" --tag="all"
Customizing Views
After publishing the views, you can customize them in resources/views/vendor/passwordless-auth/.
Usage Examples
Adding Login Link to Your Application
<a href="{{ route('passwordless.login') }}">Login without password</a>
Adding Logout Button
<form method="POST" action="{{ route('passwordless.logout') }}"> @csrf <button type="submit">Logout</button> </form>
Login Flow
- User visits the login page and enters their email address
- A unique, secure token is generated and stored in the database
- An email with a login link containing the token is sent to the user
- User clicks the link in their email
- The token is verified and the user is automatically logged in
- The token is deleted to prevent reuse
Troubleshooting
Email Issues
If emails are not being sent:
- Check your Laravel log files for errors:
storage/logs/laravel.log - Verify your mail configuration in
.env - Try using the log mail driver for testing:
MAIL_MAILER=log - Ensure the user model has the
Notifiabletrait - Clear config cache:
php artisan config:clear
Route Issues
If routes are not working:
- Make sure you've included the routes file in your
web.php - Clear route cache:
php artisan route:clear - Check for route conflicts with
php artisan route:list
Security Considerations
- Login tokens expire after the configured time (default: 15 minutes)
- Tokens are single-use and are deleted after successful login
- Tokens are stored securely in the database with a unique constraint
- The package uses Laravel's built-in CSRF protection
Contributing
Contributions are welcome! Please feel free to submit a Pull Request.
License
The MIT License (MIT). Please see License File for more information.
parvezmia/laravel-passwordless-auth 适用场景与选型建议
parvezmia/laravel-passwordless-auth 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 9 次下载、GitHub Stars 达 2, 最近一次更新时间为 2025 年 04 月 05 日, 在 PHP 生态内属于活跃度较高的组件。
它主要适用于以下技术方向: 「Authentication」 「laravel」 「Passwordless」 「secure-login」 「passwordless-auth」 「magic-link」 等业务场景。在实际项目中,围绕这些方向常见需要落地的问题包括:接口对接、性能调优、并发安全、与既有框架(Laravel / ThinkPHP / Yii / Webman 等)的兼容适配,以及生产环境的日志埋点与稳定性保障。
我们在过去多个企业项目中使用过 parvezmia/laravel-passwordless-auth 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。
基于 parvezmia/laravel-passwordless-auth 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。
线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。
承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。
与 parvezmia/laravel-passwordless-auth 相关的其它包
同方向 / 同关键字的高下载量 PHP Composer 包推荐,方便对比选型:
Automatically logs-in users if they are already authenticated by a remote source. (e.g. environment variable REMOTE_USER)
Virgil is a stack of security libraries (ECIES with Crypto Agility wrapped in Virgil Cryptogram) and all the necessary infrastructure to enable seamless, end-to-end encryption for any application, platform or device. See below for currently available languages and platforms. Get in touch with us to
GraphQL authentication for your headless Craft CMS applications.
Virgil is a stack of security libraries (ECIES with Crypto Agility wrapped in Virgil Cryptogram) and all the necessary infrastructure to enable seamless, end-to-end encryption for any application, platform or device. See below for currently available languages and platforms. Get in touch with us to
Laravel middleware to restrict a site or specific routes using HTTP basic authentication
Email Toolkit Plugin for CakePHP
统计信息
- 总下载量: 9
- 月度下载量: 0
- 日度下载量: 0
- 收藏数: 2
- 点击次数: 20
- 依赖项目数: 0
- 推荐数: 0
其他信息
- 授权协议: MIT
- 更新时间: 2025-04-05