Are you tired of using outdated authentication systems in your Laravel apps?
Perhaps you’ve struggled to set up user login, registration, and password reset features cleanly — or you’re overwhelmed by Jetstream’s complexity.
Problem solved. In this step-by-step guide, we’ll show you exactly how to use Laravel Fortify in Laravel 10 to build a powerful authentication system — without the clutter.
By the end of this article, you’ll have a fully functioning, secure, and customizable authentication system that’s ready for production — no unnecessary UI frameworks, just clean Laravel code.
Blog Outline
- What is Laravel Fortify?
- Why Use Laravel Fortify in Laravel 10?
- Laravel Fortify vs Jetstream vs Breeze
- Step 1: Install Laravel 10
- Step 2: Install Laravel Fortify
- Step 3: Publish Fortify Configuration
- Step 4: Register Fortify Service Provider
- Step 5: Setup Authentication Views
- Step 6: Enable and Customize Fortify Features
- Step 7: Add Routes and Middleware
- Step 8: Test Login, Register, and Logout
- Advanced Tips for Fortify Customization
- Laravel Fortify 2FA & Email Verification (Optional)
- Final Thoughts + Bonus Resources
1. What is Laravel Fortify?
Laravel Fortify is a headless authentication backend for Laravel applications. It provides a robust set of authentication features, including:
- User registration
- Login/logout
- Email verification
- Two-factor authentication (2FA)
- Password resets and updates
- Session management
Unlike Jetstream or Breeze, Fortify doesn’t force any frontend framework on you — giving you maximum flexibility.
2. Why Use Laravel Fortify in Laravel 10?
Laravel Fortify is ideal for:
- Custom UI development (Vue, React, Blade, etc.)
- API-based apps like SPAs or mobile backends
- Clean separation of logic and presentation
It’s also maintained by the Laravel core team, so you’re guaranteed long-term support and best practices baked in.
Top keywords targeted here:
- Laravel Fortify
- Laravel 10 Authentication
- Laravel login and registration
- Laravel custom auth
- Laravel 10 login system
3. Laravel Fortify vs Jetstream vs Breeze
| Feature | Fortify | Jetstream | Breeze |
|---|---|---|---|
| Headless Backend | Yes | No | No |
| Frontend Included | No | Yes (Livewire/Inertia) | Yes (Blade/React/Vue) |
| Custom UI Friendly | Very | Harder | Simple |
| Best for | APIs & SPAs | Full-stack apps | Prototyping |
4. Step 1: Install Laravel 10
Open your terminal and create a new Laravel project:
composer create-project laravel/laravel laravel-fortify-demo
cd laravel-fortify-demo
5. Step 2: Install Laravel Fortify
Next, install Laravel Fortify via Composer:
composer require laravel/fortify
6. Step 3: Publish Fortify Configuration
Run the following to publish Fortify’s configuration file:
php artisan vendor:publish --provider="Laravel\Fortify\FortifyServiceProvider"
This creates a config/fortify.php file.
7. Step 4: Register Fortify Service Provider
Open config/app.php and add this to the providers array:
App\Providers\FortifyServiceProvider::class,
Then generate the file:
php artisan make:provider FortifyServiceProvider
Inside FortifyServiceProvider.php, boot Fortify like this:
use Laravel\Fortify\Fortify;
use App\Models\User;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Validator;
public function boot()
{
Fortify::createUsersUsing(CreateNewUser::class);
Fortify::updateUserProfileInformationUsing(UpdateUserProfileInformation::class);
Fortify::updateUserPasswordsUsing(UpdateUserPassword::class);
Fortify::resetUserPasswordsUsing(ResetUserPassword::class);
}
8. Step 5: Setup Authentication Views
Fortify doesn’t ship with views. You need to create your own Blade templates manually:
mkdir resources/views/auth
Then create:
login.blade.phpregister.blade.phpforgot-password.blade.phpreset-password.blade.php
You can use Blade scaffolding from Breeze if you want a base to start with:
composer require laravel/breeze --dev
php artisan breeze:install blade
npm install && npm run dev
Then delete unnecessary Breeze files and keep only the views.
9. Step 6: Enable and Customize Fortify Features
Inside config/fortify.php, toggle the features you need:
'features' => [
Features::registration(),
Features::resetPasswords(),
Features::emailVerification(),
Features::twoFactorAuthentication(),
],
Want to disable 2FA? Just remove it from the array.
10. Step 7: Add Routes and Middleware
Make sure your web routes are protected correctly:
Route::middleware(['auth'])->group(function () {
Route::get('/dashboard', function () {
return view('dashboard');
});
});
11. Step 8: Test Login, Register, and Logout
Now migrate your database and create a user:
php artisan migrate
Visit /login or /register and test the flow!
12. Advanced Tips for Fortify Customization
- Override the default login validation
- Add username-based login instead of email
- Customize redirection logic with
RedirectIfAuthenticated - Add custom fields like phone or role in registration
Example: customizing the login logic:
Fortify::authenticateUsing(function (Request $request) {
$user = User::where('email', $request->email)->first();
if ($user && Hash::check($request->password, $user->password)) {
return $user;
}
});
13. Laravel Fortify 2FA & Email Verification (Optional)
To enable 2FA:
- Add
Features::twoFactorAuthentication()to the config. - Make sure you include Blade forms for enabling/disabling 2FA.
- Use the recovery codes and QR code features Fortify provides.
14. Final Thoughts + Bonus Resources
Laravel Fortify is lightweight, powerful, and ideal for modern Laravel authentication. Whether you’re building a full-stack app or an API-first SPA, Fortify gives you the backend structure — and full control over the frontend.