Mandeep Singh Blog

Secure Your Laravel Application with Password Verification

Mandeep Singh's photo
Mandeep Singh
·

2 min read

Introduction

In this tutorial, you will learn how to implement password verification using Laravel Form Request. Laravel Form Request is a powerful tool that allows you to validate incoming requests before they are processed by your controller. This can help to prevent malicious users from submitting invalid or harmful data to your application.

Prerequisites

To follow this tutorial, you will need the following:

  • A Laravel application

  • A basic understanding of Laravel Form Request

Step 1: Creating the View

The first step is to create the view that will be used to collect the user's password information. In this example, we will create a view called password.blade.php in the resources/views directory.

HTML

<form action="/password" method="post">
@csrf

<input type="text" name="name" placeholder="Name">
<input type="password" name="password" placeholder="Password">
<input type="password" name="password_confirmation" placeholder="Confirm Password">

<button type="submit">Submit</button>
</form>

Step 2: Creating the Form Request

The next step is to create the Form Request that will be used to validate the user's password information. In this example, we will create a class called PasswordRequest in the app/Http/Requests directory.

PHP

<?php

namespace App\Http\Requests;

use Illuminate\Foundation\Http\FormRequest;

class PasswordRequest extends FormRequest
{
    protected $rules = [
        'name' => 'required|string',
        'password' => 'required|confirmed',
    ];
}

The rules property defines the validation rules that will be applied to the user's input. In this case, we are requiring the user to provide a name, password, and password_confirmation. The password and password_confirmation fields are also required to be the same.

Step 3: Setting Up the Controller

The next step is to set up the controller that will handle the password verification request. In this example, we will create a controller called PasswordController in the app/Http/Controllers directory.

PHP

<?php

namespace App\Http\Controllers;

use App\Http\Requests\PasswordRequest;

class PasswordController extends Controller
{
    public function store(PasswordRequest $request)
    {
        // Do something with the user's password information
    }
}

The store method is where we will do something with the user's password information. For example, we could save the user's password information to the database.

Step 4: Setting up Protected Routes and Data Mutators

In order to protect the /password route, we need to use the protected keyword in the Route::get method.

PHP

Route::get('/password', ['uses' => 'PasswordController@show'])->name('password');

We also need to use the data keyword in the store method to pass the user's password information to the PasswordController.

PHP

Route::post('/password', ['uses' => 'PasswordController@store'])->name('password.store');

Conclusion

In this tutorial, you have learned how to implement password verification using Laravel Form Request. By following these steps, you can help to protect your application from malicious users.

Did you find this article valuable?

Support Mandeep Singh Blog by becoming a sponsor. Any amount is appreciated!

Laravel