Password Confirmation

Dries Vints
Dries Vints
Share:
  • ...
  • ...
  • ...
...

The Laravel v6.2.0 release ships with a new password confirmation feature. This feature allows you to attach a password.confirm middleware to routes where you want a user to re-confirm their password.

Route::get('/secrets', '[email protected]')->middleware('password.confirm');

If you attempt to access the route, you will be prompted to confirm your password, similar to what you may have seen on other applications like GitHub:

The new password confirmation screen

The new password confirmation screen

Confirming the password will store a timestamp in the user's session that lasts for three hours by default so users do not have to enter their password during that period again. You may customize this duration using a new password_timeout configuration option in the auth configuration file.

In addition, a new password validation rule has been added to the framework. This validation rule may be used to validate that a given password matches the user's existing password.

Latest Stories

Here’s what we've been up to recently.

Request a code sample

Certified Quality. Great Prices

We use cookies to improve your experience and to help us understand how you use our site. By using this site, you accept our use of cookies. Cookie Infox