Authenticate users using a magic link

v1.1.4 2020-09-11 06:50 UTC

This package is auto-updated.

Last update: 2022-04-23 12:18:28 UTC


Fast and secure passwordless authentication for the masses.

Scrutinizer Code Quality Latest Stable Version Monthly Downloads License

Buy me a coffee ☕️


  • PHP >= 7.1.3
  • Laravel >= 5.6, 6.0 or 7.0


First, install the package via the Composer package manager:

$ composer require soved/laravel-magic-auth

After installing the package, you should publish the configuration file:

$ php artisan vendor:publish --tag=magic-auth-config

Add the Soved\Laravel\Magic\Auth\Contracts\CanMagicallyLogin interface to the App\User model:


namespace App;

use Illuminate\Notifications\Notifiable;
use Soved\Laravel\Magic\Auth\Traits\CanMagicallyLogin;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Soved\Laravel\Magic\Auth\Contracts\CanMagicallyLogin as CanMagicallyLoginContract;

class User extends Authenticatable implements CanMagicallyLoginContract
    use Notifiable, CanMagicallyLogin;

Finally, add the Soved\Laravel\Magic\Auth\Traits\CanMagicallyLogin trait to the App\User model to implement the interface.


This package exposes two endpoints, one to request a magic link (magic/email) and one to authenticate using the magic link (magic/login). Your application should make a POST call, containing the user's email address, to request a magic link. The magic link will be send via email using a notification. Feel free to customize the notification by overriding the CanMagicallyLogin@sendMagicLinkNotification method.


You may want to register the Soved\Laravel\Magic\Auth\Http\Middleware\AuthenticateWithMagicLink middleware to ensure users are authenticated via a magic link.

Security Vulnerabilities

If you discover a security vulnerability within this project, please send an e-mail to Sander de Vos via All security vulnerabilities will be promptly addressed.


This package is open-source software licensed under the MIT license.