由于laravel使用自己的机制来加密和保存用户表中的密码。但是我想改变密码加密机制并希望自己编写,laravel身份验证的两个内置功能应该根据我的密码加密机制工作
check()和attempt()
任何人都请告诉我该怎么做..
答案 0 :(得分:1)
使用自定义身份验证替换laravel身份验证
我已经构建了我的laravel项目,然后有一个任务用自定义身份验证模块替换larevel默认身份验证 我找不到任何可以帮我解决这个问题的帖子,不得不参考很多文章。因此,我决定发表一篇关于如何做到这一点的帖子,以帮助其他任何面临类似问题的人。
1. 需要修改的文件:
a) config / auth.php :
用您的自定义驱动程序替换您的雄辩驱动程序
return [
/*
|--------------------------------------------------------------------------
| Default Authentication Driver
|--------------------------------------------------------------------------
|
| This option controls the authentication driver that will be utilized.
| This driver manages the retrieval and authentication of the users
| attempting to get access to protected areas of your application.
|
| Supported: "database", "eloquent"
|
*/
// 'driver' => 'eloquent',
'driver' => 'custom',
/*
|--------------------------------------------------------------------------
| Authentication Model
|--------------------------------------------------------------------------
|
| When using the "Eloquent" authentication driver, we need to know which
| Eloquent model should be used to retrieve your users. Of course, it
| is often just the "User" model but you may use whatever you like.
|
*/
'model' => 'App\User',
/*
|--------------------------------------------------------------------------
| Authentication Table
|--------------------------------------------------------------------------
|
| When using the "Database" authentication driver, we need to know which
| table should be used to retrieve your users. We have chosen a basic
| default value but you may easily change it to any table you like.
|
*/
'table' => 'user',
/*
|--------------------------------------------------------------------------
| Password Reset Settings
|--------------------------------------------------------------------------
|
| Here you may set the options for resetting passwords including the view
| that is your password reset e-mail. You can also set the name of the
| table that maintains all of the reset tokens for your application.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'password' => [
'email' => 'emails.password',
'table' => 'password_resets',
'expire' => 60,
],
];
b) config / app.php :
将自定义提供程序添加到提供程序列表' App \ Providers \ CustomAuthProvider',
2. 需要添加的文件
一个。的提供商/ CustomAuthProvider.php 强>:
创建一个使用先前定义的自定义驱动程序的新自定义提供程序
use App\Auth\CustomUserProvider;
use Illuminate\Support\ServiceProvider;
class CustomAuthProvider extends ServiceProvider {
/**
* Bootstrap the application services.
*
* @return void
*/
public function boot()
{
$this->app['auth']->extend('custom',function()
{
return new CustomUserProvider();
});
}
/**
* Register the application services.
*
* @return void
*/
public function register()
{
//
}
}
湾的认证/ CutomerUserProvider.php 强>
此类将替换eloquentUserProvider,并且可以启动所有内务处理程序(登录后/注销之前)。
namespace App\Auth;
use App\UserPoa; use Carbon\Carbon;
use Illuminate\Auth\GenericUser;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Contracts\Auth\UserProvider;
class CustomUserProvider implements UserProvider {
/**
* Retrieve a user by their unique identifier.
*
* @param mixed $identifier
* @return \Illuminate\Contracts\Auth\Authenticatable|null
*/
public function retrieveById($identifier)
{
// TODO: Implement retrieveById() method.
$qry = UserPoa::where('admin_id','=',$identifier);
if($qry->count() >0)
{
$user = $qry->select('admin_id', 'username', 'first_name', 'last_name', 'email', 'password')->first();
$attributes = array(
'id' => $user->admin_id,
'username' => $user->username,
'password' => $user->password,
'name' => $user->first_name . ' ' . $user->last_name,
);
return $user;
}
return null;
}
/**
* Retrieve a user by by their unique identifier and "remember me" token.
*
* @param mixed $identifier
* @param string $token
* @return \Illuminate\Contracts\Auth\Authenticatable|null
*/
public function retrieveByToken($identifier, $token)
{
// TODO: Implement retrieveByToken() method.
$qry = UserPoa::where('admin_id','=',$identifier)->where('remember_token','=',$token);
if($qry->count() >0)
{
$user = $qry->select('admin_id', 'username', 'first_name', 'last_name', 'email', 'password')->first();
$attributes = array(
'id' => $user->admin_id,
'username' => $user->username,
'password' => $user->password,
'name' => $user->first_name . ' ' . $user->last_name,
);
return $user;
}
return null;
}
/**
* Update the "remember me" token for the given user in storage.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @param string $token
* @return void
*/
public function updateRememberToken(Authenticatable $user, $token)
{
// TODO: Implement updateRememberToken() method.
$user->setRememberToken($token);
$user->save();
}
/**
* Retrieve a user by the given credentials.
*
* @param array $credentials
* @return \Illuminate\Contracts\Auth\Authenticatable|null
*/
public function retrieveByCredentials(array $credentials)
{
// TODO: Implement retrieveByCredentials() method.
$qry = UserPoa::where('username','=',$credentials['username']);
if($qry->count() >0)
{
$user = $qry->select('admin_id','username','first_name','last_name','email','password')->first();
return $user;
}
return null;
}
/**
* Validate a user against the given credentials.
*
* @param \Illuminate\Contracts\Auth\Authenticatable $user
* @param array $credentials
* @return bool
*/
public function validateCredentials(Authenticatable $user, array $credentials)
{
// TODO: Implement validateCredentials() method.
// we'll assume if a user was retrieved, it's good
if($user->username == $credentials['username'] && $user->getAuthPassword() == md5($credentials['password'].\Config::get('constants.SALT')))
{
$user->last_login_time = Carbon::now();
$user->save();
return true;
}
return false;
}
}
UsePoa(这是我的admin表模型):这是我为管理员表创建的Model类。它实现了Illuminate \ Contracts \ Auth \ Authenticatable
use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
class UserPoa extends Model implements AuthenticatableContract {
use Authenticatable;
protected $table = 'admin';
protected $primaryKey = 'admin_id';
public $timestamps = false;
}
3. 文件需要了解 Guard.php
这是将根据驱动程序中定义的内容调用用户提供程序的类。最初它曾经是EloquentUserProvider。但在这种情况下,我已经用CustomUserProvider取代了它。下面是Guard如何调用CustomUserProvider中的方法。
1。登录:
A.调用retrieveByCredentials以检查用户是否存在
B.ValidateCredentials被调用以验证用户名和密码是否正确
注意:在retrieveByCredentials中生成的对象被发送到ValidateCredentials,因此不需要第二次数据库访问。
注销并记住我设置方法updateRememberToken(Authenticatable $ user,$ token)将被调用。