laravel auth

two ways to authentication, based on session(cookie) or based on api(token),so we have two guards (web & api in config/auth.php).

guards have a driver and a provider,actually it’s just like controller and model.
driver: the logic u handle authentication
model: where u store your user data

#how it works
At first ,we need an entrance, we need to define some route.that’s why laravel map the route in provider/RouteServiceProvider

in RouteServiceProvider we have added a list of middlewares and  our custom route.
(Auth::routes() in web guard, https://stackoverflow.com/questions/39196968/laravel-5-3-new-authroutes)
(in api guard, we need to add auth:api in middleware if u need authentication. like this :   Route::middleware(‘auth:api’)->group(…))

when u use Auth->attempt(), Auth->user() in your program, it’s actually interact from SessionGuard or TokenGuard.
(Auth alias AuthManager initialize a guard in the construction,and transfer the request to the guard)