Is there a way to use certificates for auth?

I'm not brand new to Laravel, but I'm learning by making my own projects. I wanted to create a local application for myself, but to make my logins more secure, I wanted to have my laravel site prompt me for my/a certificate, and if it matches the saved certificate, allow access to an admin panel.

The only thing I've been able to find regarding this is an old Laravel 5 implementation, and I'm not sure if it still works or how to truly implement it. I serve my site using nginx locally.

Any help with this would be great. Thanks!

Glukinho

3 weeks ago

Level 30

This can be handled on web server, not Laravel: https://nginx.org/en/docs/http/ngx_http_ssl_module.html#ssl_client_certificate

I tried it once successfully (web server allowed to view a page only after a browser provides valid certificate), but it was only a test out of curiosity, no real implementation.

martinbean

2 weeks ago

Level 80

@lordzeus As @glukinho says, this is something that would be handled at the web server level, not in application code. The web server (Apache, nginx, etc) honours the request if the certificate is present, and rejects the request if the certificate is missing or invalid.

Please or to participate in this conversation.