Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
hello,
first of all im new in Laravel and i used Codeigniter before...
Users in my project have one session for each system they logged in to and each session has its own token.
sessions are stored in sessions table and sessions table is related to users table for retrieving the users informations by token
User token and authentication is written by me and I do not use Laravel authentication system because I recently transferred my project from Codeigniter to Laravel.
so how can i manage this sessions and token generation with laravel authenticating system ?
Sure you can write you own authentication system.
https://laravel.com/docs/9.x/authentication#authenticating-users
You can also use Fortify and do some simple transformations in the users table if needed, then you will have a strong and secure authentication system.
@vincent15000 thank you Vincent im reading the docs if( $question ) { ask(vincent) } :))
how laravel fortify makes tokens ? is it for web applications or i can use it for my api
@Jordi.El.Nino.Pola Fortify does't make any token, for that you need either Sanctum or Passport.
@vincent15000 can i authenticate private channels with lunching fortify ?
@jordi.el.nino.pola You can use any of these for token generation:
Tokens can be any set of characters you choose. Then you can use str_shuffle($string) in PHP to generate the token.
You can use PHP's uniqid() function to get randomized characters for the token.
Then you can validate the token on the user request
@Emokores im doing this right now.
im generating token by my self and send it to the front end and validate it by custom middleware before every routes.
my goal for using laravel authenticating system is that i want to use broadcast private channels with laravel-echo-server and authenticating private channels needs laravel auth system
actually i'm little confused about it
@Jordi.El.Nino.Pola As as said in a previous answer, have a look at Sanctum.
@vincent15000 how can i manage users sessions ( the table ) with sanctum ?
@Jordi.El.Nino.Pola Oh okay! Then Laravel's authentication system handles everything for you. Read the docs on authentication sessions and authorization. Everything is well laid out. You might not even need your sessions migration, depending. See how you can do without it if it's not needed
@Jordi.El.Nino.Pola You only need Laravel Sanctum if you're accessing the backend through an API, especially if your application is an SPA (JavaScript-rendered frontend). Use Fortify if you're not accessing the backend through an API
@Emokores yes i'm accessing the backend through an API, my app is spa ( reactJs ).
as i said at the first my users have sessions and token's are stored in sessions table per user session.
so can i handle this with sanctum ?
@Jordi.El.Nino.Pola Very well! You can use Sanctum. It will help to setup the session management, authentication and authorization sequences. Read the docs for more details
@Emokores thank you so much man...
@Jordi.El.Nino.Pola you're welcome!
Please or to participate in this conversation.