Ideal Sessioning and authentication for Laravel

• Passwordless authentication
  • Ability to store and compare a cookie, securing the magic link sent out
  • Link expiration
  • Able to store "action" objects passed through for completing tasks the user was doing before prompted
• Detailed sessions using whichbrowser

"device": {
  "string": "Chrome 68 on a Google Pixel 2 XL running Android 9",
  "platform": "Android 9",
  "browser": "Chrome 68",
  "name": "Google Pixel 2 XL",
  "desktop": false,
  "mobile": true
}

• Detailed location using lyften's adapter for GeoIP2

"location": {
  "ip": "86.222.88.167",
  "country": "France",
  "city": "Lons",
  "state": "NAQ",
  "postal_code": "64140",
  "lat": 43.3167,
  "lon": -0.4,
  "timezone": "Europe\/Paris",
  "currency": "EUR"
}

Install humble with composer:

composer require acidjazz/humble

Add Humble's trait to your user model:

use acidjazz\Humble\Traits\Humble;
...
class User extends Authenticatable
{
  use Humble, Notifiable;
}

Publish Humble's migrations (sessions table)

php artisan vendor:publish --tag="humble.migrations"

Run the migration

php artisan migrate

Change your guard in your config, to the 'humble' guard in config/auth.php, in my case since I mainly use Laravel as an API

    'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],

        'api' => [
            'driver' => 'humble',
            'provider' => 'users',
        ],
    ],

Check your defaults as well, if it's not api, you'll need to change that

If your user class is not App\Models\User, we need to tell humble what it is:

Publish Humble's configuration

 php artisan vendor:publish --tag="humble.config"

Modify config/humble.php and specify your user class