Hook: auth.login.pre_token
Last updated on May 17, 2026 20:14
Overview
Type: Filter
Location: app/Http/Controllers/Api/V1/AuthController.php
Intercepts login flow before token creation. Return a non-null response to override default behavior. Primary use case: implementing two-factor authentication (2FA).
Parameters
| Param | Type | Description |
|---|---|---|
$response |
mixed | Default null (continue normally) |
$user |
User | Authenticated user |
$request |
Request | Login request |
Return
Return null to continue normal login, or a JsonResponse to override.
Usage Example
Hook::addFilter('auth.login.pre_token', function ($response, $user, $request) {
if ($user->hasRole('admin') && !$request->filled('otp_code')) {
return response()->json(['requires_2fa' => true], 403);
}
return null;
});