验证密码Laravel

时间:2016-11-01 17:11:34

标签: php laravel authentication hash

在一个项目中,我正在注册这样的用户

private function insertUserCredentials(User $user, Request $request){
    ...
    $user->email = $request->email
    $user->password = Hash::make($request->password );
    ...
}

我这样登录

if (!Auth::attempt([
        'email' => $request->emailLogin,
        'password' => $request->passwordLogin,
     ], $remember)
)
...

密码插入db with hasing但在attemt中我只需要检索用户输入的密码,一切正常。

现在,如果我注册这样的用户

    $Blowfish_Pre = '$2a$05$';
    $Blowfish_End = '$';
    $Allowed_Chars ='ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789./';
    $Chars_Len = 63;
    $Salt_Length = 21;
    $salt = "";
    for($i=0; $i<$Salt_Length; $i++)
    {
        $salt .= $Allowed_Chars[mt_rand(0,$Chars_Len)];
    }
    $bcrypt_salt = $Blowfish_Pre . $salt . $Blowfish_End;
    $user->email = $request->registeremail;
    $user->password = crypt($request->password, $bcrypt_salt);

我如何使用Auth尝试?我需要做些什么才能让它发挥作用?

if (!Auth::attempt([
        'email' => $request->emailLogin,
        'password' => **here is my question**,
     ], $remember)
)

1 个答案:

答案 0 :(得分:1)

我想最简单的方法是为此创建自己的方法,并使用login()方法手动验证用户:

public function customAttempt($username, $password) {
    $user = User::find('username', $username);
    if (....checking for credentials.....) {
        // Authorize user.
        Auth::login($user, true);
    }
}