Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
Hello! I'm building a system using the Jetstream/Fortify stack and using the included authentication, but I want to make the first user register itself when accessing any route protected by the 'auth' middleware and disable registration after (as the first user should invite the other users).
But I can't configure Fortify's registration feature to act like that, can I? Do you know some way to make this work? I tried writing other middleware but got an infinite redirect loop at the end.
If I understand you correctly, you want to make sure that a user who is logged in cannot reach the registration page. Is that correct?
Fortify already enforces this behavior. Try it yourself. Log into your app and then try to visit the register page. Fortify should kick you to the dashboard by default. This is the standard behavior with a normal installation.
If this does not answer your question please try stating your question again.
No, that's not what I meant.
In a new Laravel project with Fortify, I can turn the registration of new users on or off by commenting or uncommenting this feature in the "features" array of the Fortify configuration, right?
What I want is: as soon as I deploy the application, user registration and email verification must be turned on, so the first user can register and have their email checked. However, after 1 user is already registered, I want the system to turn off these features (email registration and verification), and that first user who registered will be responsible for registering other users in an internal form that I will develop.
I would like to do this cleanly and integrated with Fortify to avoid problems in the future.
I've never needed to do something like this, but one solution I can think of would be to use Fortify registration in your local/staging development environment. Create the one user that you need. Then, disable registration for production and manually copy over the necessary information to your production tables. For the standard Fortify/Jetstream setup, you would need to copy over the user and the corresponding team. I do not know of a way to disable registration programmatically.
Why do you need to do this?
I also think it would be interesting to block the login view and force the registration view to appear on any attempt to access a route protected by the auth middleware before the first user is registered, since there is no user to be able to login before the first user registers.
You could do this by overriding the supplied login and registration routes. Manually add login and register routes to web.php and point them to a custom controller. You could handle this logic in that controller.
Please or to participate in this conversation.