Laravel: What is “remember_token” in the “users” DB table?

Question

Is it safe to use the remember_token in the users table for authenticating the user into the application?

What is the purpose of this token? Currently, I\'m

Answer 1

Laravel provides a CSRF token in a hidden input it automatically adds and validates whenever a form is submitted, whether you're logged in or not. If you're using their Form builder, this is happening without you even needing to check on it.

You should check if the user is logged in on submission using the Auth facade.