Nov 15, 2019 by Thibault Debatty | 3698 views
https://cylab.be/blog/45/disable-user-registration-in-your-laravel-application
Laravel is a powerful framework that comes with a lot of boilerplate code to handle most common cases. One of these is users management (register, login, reset password etc.)
For Laravel 5, you can create routes and views with a single command:
php artisan make:auth
For Laravel 6, you need to install laravel/ui first:
composer require laravel/ui --dev
php artisan ui vue --auth
This will, amongst others, add a line to routes/web.php:
Auth::routes();
The actual code of this method is located in Illuminate/Routing/Router.php, which you can find on GitHub for example.
Until version 5.6, the code for this method was:
public function auth()
{
// Authentication Routes...
$this->get('login', 'AuthLoginController@showLoginForm')
->name('login');
$this->post('login', 'AuthLoginController@login');
$this->post('logout', 'AuthLoginController@logout')->name('logout');
// Registration Routes...
$this->get('register', 'AuthRegisterController@showRegistrationForm')
->name('register');
$this->post('register', 'AuthRegisterController@register');
// Password Reset Routes...
$this->get('password/reset',
'AuthForgotPasswordController@showLinkRequestForm')
->name('password.request');
$this->post('password/email',
'AuthForgotPasswordController@sendResetLinkEmail')
->name('password.email');
$this->get('password/reset/{token}',
'AuthResetPasswordController@showResetForm')
->name('password.reset');
$this->post('password/reset', 'AuthResetPasswordController@reset');
}
From version 5.7, this code was modified to:
public function auth(array $options = [])
{
// Authentication Routes...
$this->get('login', 'AuthLoginController@showLoginForm')
->name('login');
$this->post('login', 'AuthLoginController@login');
$this->post('logout', 'AuthLoginController@logout')->name('logout');
// Registration Routes...
if ($options['register'] ?? true) {
$this->get('register',
'AuthRegisterController@showRegistrationForm')
->name('register');
$this->post('register', 'AuthRegisterController@register');
}
// Password Reset Routes...
if ($options['reset'] ?? true) {
$this->resetPassword();
}
// Password Confirmation Routes...
if ($options['confirm'] ??
class_exists(
$this->prependGroupNamespace(
'AuthConfirmPasswordController'))) {
$this->confirmPassword();
}
// Email Verification Routes...
if ($options['verify'] ?? false) {
$this->emailVerification();
}
}
So you have 2 methods to disable registration:
Auth::routes(['register' => false]);
Auth::routes()
by the actual list of routes that you want to keep:// Authentication Routes...
Route::get('login', 'AuthLoginController@showLoginForm')->name('login');
Route::post('login', 'AuthLoginController@login');
Route::post('logout', 'AuthLoginController@logout')->name('logout');
// Password Reset Routes...
Route::get('password/reset',
'AuthForgotPasswordController@showLinkRequestForm')
->name('password.request');
Route::post('password/email',
'AuthForgotPasswordController@sendResetLinkEmail')
->name('password.email');
Route::get('password/reset/{token}',
'AuthResetPasswordController@showResetForm')
->name('password.reset');
Route::post('password/reset', 'AuthResetPasswordController@reset');
This blog post is licensed under CC BY-SA 4.0