Laravel session-based authentication, CSRF Protection, and CORS

Updated: Apr 20, 2020

This week I started recording YouTube videos explaining some of the internals of Laravel.

First, I started with explaining how session authentication works in Laravel. I went into explaining how cookies work and how Laravel uses them to store the session ID and retrieve it to authenticate users.

Then I went into explaining how Laravel protects you against CSRF. But before that, I shared an example of how CSRF can be dangerous.

I also shared a bit of history on browsers before CORS, why CORS was introduced, and how Laravel helps you configure it.

And finally, I discussed the main differences between session-based and token-based authentication.


By Mohamed Said

Hello! I'm a full-stack web developer working at Laravel. In this publication, I share everything I know about Laravel's core, packages, and tools.
