tomasnorre's avatar

Authentication, Email verification and forgotten password

Hi,

I have a Laravel 12 application that I have build with no starter kit. I have right now simple registration and login forms.

My next steps are to build, email verification into the registration process, and then add the forgotten password functionality.

I have been looking a little around.

If I start a new Laravel 12 application, is asking for React, Vue or Livewire starter kit. I would prefer none; I know I get boilerplate code handed to me, but I would prefer to keep React, Vue and Livewire out of the picture for now.

I have been looking into Laravel Breeze, but sounds like it's not "the way to go" anymore for new projects. Furthermore, I have look at a little into Laravel Fortify, which looks a little like a skeleton I can build on, and currently I think that's the way to go for me.

Do you have any suggestions on how I should approach this? Feedback would be welcomed and appreciated.

Thanks

1 like
3 replies
LaryAI's avatar
LaryAI
AI
2 months ago
Level 58

Certainly! Here’s a recommended approach to email verification and forgotten password features for your Laravel 12 app, without using any JS frontend starter kit.

1. Laravel Fortify: The Right Choice

Since you don't want React, Vue, Livewire, or any frontend scaffolding, using Laravel Fortify is ideal. Fortify provides backend endpoints for authentication, registration, password reset, email verification, and more, but doesn't install any frontend code.

2. Setup Steps

a. Install Fortify

Run:

composer require laravel/fortify
php artisan vendor:publish --provider="Laravel\Fortify\FortifyServiceProvider"

b. Register Fortify

In config/app.php providers array, ensure:

App\Providers\FortifyServiceProvider::class,

c. Configure Features

In config/fortify.php, enable these:

'features' => [
    Features::registration(),
    Features::resetPasswords(),
    Features::emailVerification(),
    // ... (others as needed)
],

d. Enable Email Verification

User Model:

Implement MustVerifyEmail:

use Illuminate\Contracts\Auth\MustVerifyEmail;

class User extends Authenticatable implements MustVerifyEmail
{
    // ...
}

3. Add Routes to Handle Verification and Reset

Fortify publishes all the routes, you just need to link to them from your Blade forms:

  • Email verification: after registration, point user to /email/verify (Fortify provides this).
  • Send verification email: POST /email/verification-notification
  • Check verification: link in the email goes to /email/verify/{id}/{hash}

Password reset:

  • Request: POST /forgot-password
  • Form link (sent by email): /reset-password/{token}

4. Blade Forms

You need to build the forms/views yourself. For example, for "Forgot password":

<!-- resources/views/auth/forgot-password.blade.php -->
<form method="POST" action="{{ route('password.email') }}">
    @csrf
    <input type="email" name="email" required autofocus>
    <button type="submit">Send Password Reset Link</button>
</form>

For "Reset password":

<!-- resources/views/auth/reset-password.blade.php -->
<form method="POST" action="{{ route('password.update') }}">
    @csrf
    <input type="hidden" name="token" value="{{ $token }}">
    <input type="email" name="email" required autofocus>
    <input type="password" name="password" required>
    <input type="password" name="password_confirmation" required>
    <button type="submit">Reset Password</button>
</form>

And you can copy similar forms for login, registration, etc.

5. Summary / TL;DR

  • Fortify gives you full authentication endpoints but no frontend so you control the UI (with Blade).
  • You get email verification and password resets "for free"—just hook up the forms and notification templates.
  • No React, Vue, or Livewire needed.
  • Simple, upgradable, and secure.

If you want more guidance on the Blade side or customizing Fortify's flows, just ask!

1 like
tomasnorre's avatar

That would be great with the blade side of things too, just to get some input.

Please or to participate in this conversation.