This is by far the best explanation of this process I’ve heard! Thank you for taking the time to make things clear and as simple as possible! I’ve been using Laravel for about 5 years now but I still always get stuck on implementing auth as it’s not something I do very often! I wonder if you could make a video on how to implement sanctum auth with a framework like Sveltekit. I am interested in how you would implement this when there is also another server in between Laravel and the client. There is not much info on this elsewhere on the internet! Edit: I found your video on Nuxt + Laravel so I am going to take a look at that 😊

You explain it so perfectly!

couldn't have been explained in a better way

This is VERY good! I really think Laravel should have explanations on this topic in their own documentation. Very well done!

Omg what an explanation dude... Always Small Channel makes good content and step by step.. Thank you... Try to Understand this technical words long time ago. U got a new sub. Thx again

A pretty good video, thanks a lot! I'd really like to see how to implement this in code, so I'll very thankful if you will.

Great explanation!

Fantastic explanation! Great job.

this was an amazing explanation

yes. it is useful. thanks a lot

Amazing explanation

wonderfull !!!

thanks for the vedio very helpful

What is the purpose of a pre-flight request? Can't we get all the allow headers from the CSRF token request and then just send the login request? To me it seems like an extra API call that we could do without. Am I missing something?

Thanks a lot.

Awesome. thank you

I want to know that we will put route /login in web.php, after authenticated and get access token, all api link i request with different methods can re-use authenticated session?

Hey, first of all - thank you for this amazing video as well as all the others. I always find real value in almost every one of them. However, I wanted to ask, whether it would be possible to expand upon this video when adding the `remember_me` functionality into the mix. A couple of times I've stumbled upon an issue, where the session expires, but the user is still authenticated because of the remember me cookie, so then if you do a POST request (for example) it results in 419 while GET requests are working. But that's just an idea/suggestion. Thanks again for the incredible content and I am really looking forward to your Masteringauth course.

is the csrf gets re produce if csrf match?

Hey bro , im working on a laravel project with nextjs , i tried login and it worked and also user is working but when i try logout it respond with 419 error mismatch csrf token i tried everything and it still doesn't work could u pls help me😊

Why is the CSRF token generated previously of login? I mean I thought, it's not necessary that the user have any ID if he doesn't identify, doesn't it?

I'm stuck with mine. After setting cookie and session the app login works fine. However once a refresh and try to check with api if the user is still login in the back end it Auth::check facade it returns null. Should it not return the user ?

maximum security right? but the user's passwod is just 123456 😬

can you make a video sanctum and next js.

Is it same the logic when using personal access token?

I don't get how you can build an API... Where you're using postman or similar. You're not coming from a server, just a desktop app .. what does the server/VM running the API think the referer is? There's no website making the request... Just an app. Really confuses me

Just stumbled on your channel. Amazing content! On which social media can we follow you. LinkedIn, Twitter?