PHPackages rolfhaug/laravel-magic-link - PHPackages - PHPackages [Skip to content](#main-content)[PHPackages](/)[Directory](/)[Categories](/categories)[Trending](/trending)[Leaderboard](/leaderboard)[Changelog](/changelog)[Analyze](/analyze)[Collections](/collections)[Log in](/login)[Sign up](/register) 1. [Directory](/) 2. / 3. [Authentication & Authorization](/categories/authentication) 4. / 5. rolfhaug/laravel-magic-link ActiveLibrary[Authentication & Authorization](/categories/authentication) rolfhaug/laravel-magic-link =========================== Create magic login links to let users log in to any route with a URL (without password) v1.2.0(6y ago)69.8k↓38.9%1[1 PRs](https://github.com/rahaug/laravel-magic-link/pulls)MITPHPPHP 7.1.8 Since Mar 10Pushed 3y ago2 watchersCompare [ Source](https://github.com/rahaug/laravel-magic-link)[ Packagist](https://packagist.org/packages/rolfhaug/laravel-magic-link)[ Docs](https://github.com/rolfhaug/laravel-magic-link)[ RSS](/packages/rolfhaug-laravel-magic-link/feed)WikiDiscussions master Synced 1mo ago READMEChangelog (1)Dependencies (3)Versions (7)Used By (0) Laravel Magic Link ================== [](#laravel-magic-link) This Laravel package allows you to create magic login links to let users log in to any route with a URL (without password). ``` example.com/mypage/update-card?token=1234:4cd3cf4b1c56c3e6e8ebe22db4b82869 ``` The [token hash](https://github.com/rahaug/laravel-magic-link/blob/master/src/LoginToken.php#L16) is generated using the unique `APP_KEY` of your Laravel project as salt. The token can be appended to any route. The package is lightweight, has no dependencies and does not perform unnecessary checks or database calls. Installation ------------ [](#installation) The package supports **Laravel 5.0** and newer. Installing the package is easy and requires three steps. Require the package ``` composer require rolfhaug/laravel-magic-link ``` Register the middleware under the **web middleware group**: ``` // App/Http/Kernel.php protected $middlewareGroups = [ 'web' => [ //... \RolfHaug\TokenAuth\Middleware\TokenAuthentication::class, ] ]; ``` Give the middleware a higher [priority](https://laravel.com/docs/5.8/middleware#sorting-middleware) than `\App\Http\Middleware\Authenticate::class`. > **Please note** It **must** have a higher priority to work with protected routes. ``` // App/Http/Kernel.php protected $middlewarePriority = [ \Illuminate\Session\Middleware\StartSession::class, \Illuminate\View\Middleware\ShareErrorsFromSession::class, \RolfHaug\TokenAuth\Middleware\TokenAuthentication::class, \App\Http\Middleware\Authenticate::class, //... ]; ``` > **Please note** If you don't have the `$middlewarePriority` property in your `Kernel.php`, you can grab it from `Illuminate\Foundation\Http\Kernel.php` which your kernel extends. Usage ----- [](#usage) As a user of this package you would normally generate tokens and append them to URL's. ### Generate Token [](#generate-token) The `generate` method takes your user model as the first argument and return a unique and secure token. ``` $token = RolfHaug\TokenAuth\LoginToken::generate($user); // 1234:4cd3cf4b1c56c3e6e8ebe22db4b82869 ``` You can pass a boolean flag (defaults to false) as a second argument if you want to receive the token parameter as well ``` $token = RolfHaug\TokenAuth\LoginToken::generate($user, true); // token=1234:4cd3cf4b1c56c3e6e8ebe22db4b82869 ``` ### Routes and URL's [](#routes-and-urls) There is many ways to create the URL's you need, here is a few common ways. **Named Routes** The `generateRoute` method will generate the URL to a named route and append a login token. ``` $url = RolfHaug\TokenAuth\LoginToken::generateRoute($user, 'web.mypage.billing'); ``` You can pass additional arguments, like you would with the [route helper](https://laravel.com/docs/5.8/helpers#method-route). ``` $url = LoginToken::generateRoute($user, 'user.show', [$user]); ``` **Free hand URL** Use the optional `$withParameter` flag, as a second parameter, to get the configured query parameter for the tokens to easily append it to any URL. ``` $url = "example.com/mypage?" . RolfHaug\TokenAuth\LoginToken::generate($user, true); ``` **URL built with [http\_build\_query](http://php.net/http_build_query)** Merge a token with other query parameters using the native `http_build_query` function. ``` $queryParameters = [ 'section' => 'billing' ]; $token = RolfHaug\TokenAuth\LoginToken::generateArray($user) $url = "example.com/mypage?" . http_build_query(array_merge($queryParameters, $token)); ``` Configuration ------------- [](#configuration) The package can be customized in the `config/auth.php` file, by adding or overwriting the following options. ``` return [ // Token Auth config (rolfhaug/laravel-magic-link package) 'token-parameter' => 'token', // Parameter the middleware will look for in the request 'token-separator' => ':', // Separator between user id and token hash // Disable middleware on following routes 'token-exclude-routes' => [ 'password/reset*' ] ]; ``` **User Model** The token generator require the model that is defined in the `config/auth.php` file under "providers.users.model". By default, this is the `App\User` model. Use Cases --------- [](#use-cases) The package is designed to reduce friction for users. I've successfully increased valuable conversion rates with this package. Here is some ideas on when the package can be valuable. **When a user is encouraged to take action in an email or SMS** - When you send emails about abandoned shopping carts - When a user must update their card to continue the service - When your content is protected behind a login wall **When prototyping projects or creating MVP's** Sometimes it does not make sense to have an admin-tool for all the actions a user can take. Instead you can have a "log in as user" link in the admin dashboard, and use the user dashboard to do the necessary changes. > **Protip** Log in as user in incognito tab to not loose your admin session :) **Example** As an admin, you might not need to be able to manage a user's address list in your ecommerce dashboard. Instead you can log in as the user, if you need to provide that support once in a while. ### Health Score 33 — LowBetter than 75% of packages Maintenance20 Infrequent updates — may be unmaintained Popularity30 Limited adoption so far Community9 Small or concentrated contributor base Maturity59 Maturing project, gaining track record Bus Factor1 Top contributor holds 100% of commits — single point of failure How is this calculated?**Maintenance (25%)** — Last commit recency, latest release date, and issue-to-star ratio. Uses a 2-year decay window. **Popularity (30%)** — Total and monthly downloads, GitHub stars, and forks. Logarithmic scaling prevents top-heavy scores. **Community (15%)** — Contributors, dependents, forks, watchers, and maintainers. Measures real ecosystem engagement. **Maturity (30%)** — Project age, version count, PHP version support, and release stability. ### Release Activity Cadence Every ~27 days Total 4 Last Release 2545d ago ### Community Maintainers ![](https://www.gravatar.com/avatar/f05cb53b0156861d37948b822a3a7b056e91c597fa69216f3073e1f10227dc85?d=identicon)[rahaug](/maintainers/rahaug) --- Top Contributors [![rahaug](https://avatars.githubusercontent.com/u/306927?v=4)](https://github.com/rahaug "rahaug (44 commits)") ### Code Quality TestsPHPUnit Code StylePHP CS Fixer ### Embed Badge ![Health badge](/badges/rolfhaug-laravel-magic-link/health.svg) ``` [![Health](https://phpackages.com/badges/rolfhaug-laravel-magic-link/health.svg)](https://phpackages.com/packages/rolfhaug-laravel-magic-link) ``` ### Alternatives [bezhansalleh/filament-shield Filament support for `spatie/laravel-permission`. 2.8k2.9M88](/packages/bezhansalleh-filament-shield)[gesdinet/jwt-refresh-token-bundle Implements a refresh token system over Json Web Tokens in Symfony 70516.4M35](/packages/gesdinet-jwt-refresh-token-bundle)[illuminate/auth The Illuminate Auth package. 9327.3M1.0k](/packages/illuminate-auth)[beatswitch/lock A flexible, driver based Acl package for PHP 5.4+ 870304.7k2](/packages/beatswitch-lock)[amocrm/amocrm-api-library amoCRM API Client 182728.5k6](/packages/amocrm-amocrm-api-library)[vonage/jwt A standalone package for creating JWTs for Vonage APIs 424.1M4](/packages/vonage-jwt) PHPackages © 2026 [Directory](/)[Categories](/categories)[Trending](/trending)[Changelog](/changelog)[Analyze](/analyze)