# Laravel: Go for Passwordless Authentication

Hey guys,

Authentication topic today 😎

We all know that Laravel ships the default Email & Password authentication for us. The good'ol traditional way.

However, it's 2024 now. By registering using Email & Password, then users have to verify their emails. It's way bad UX and reduces your sign-up rates.

The `passwordless` is here to save the day 😎

## The PROs of using Passwordless Authentication

* Sign-up user flow will be really fast, with fewer inputs (or even 0 inputs) 😎
    
* The pain of remembering passwords is gone 🥰
    
* Save storage cuz we don't really store users' passwords (encrypted obviously) in our DB 🥹
    
* Verify the user's email in 1 go, 2 birds with 1 stone.
    

## Laravel Passwordless Authentication - The Approaches

### Social Auth

By utilizing [Laravel Socialite](https://laravel.com/docs/11.x/socialite), we can provide a quick sign-up/sign-in flow using:

* Google
    
* GitHub
    
* (or any awesome platform out there)
    

After users sign in, Laravel Socialite will give you some basic details: open id, full name, email, and profile picture.

Then simply do an `upsert` operation and `Auth::login($user)` to sign your user in 😎

### Magic Link via Email

For this, we only need users to input their email and their names, and then we are all good 🌹

For this, you might need to implement your own `generated_magic_links` table, e.g:

* id
    
* user\_id
    
* hash
    

You can create a temporary `user` with `email_verified_at = NULL` . Then send out the email using [Laravel Mail](https://laravel.com/docs/11.x/mail#main-content) feature.

On the user's first visit, you `touch` the `email_verified_at` , then log them in 🔥

Easy right?

### Other ways

* Send SMS (cost more lol)
    
* Use TOTP (time-based one-time password as temporary password)
    

## Considerations

* To increase the security, we can apply the `two-factor authentication` method after logging in.
    

## Conclusions

My applications use Passwordless authentication, check out [RenderPDF.io](https://renderpdf.io) as an example 😎.

Using passwordless is really cool and hassle-free. Fewer inputs, a happier life.

Happy coding guys!
