Laravel 4认证
[英]Laravel 4 Authentication
问题描述
I'm having trouble getting the Authentication to work with laravel 4. This is my whole sign in function when a user enters their email and password into the form. 
我无法使Authentication与laravel 4配合使用。当用户在表单中输入其电子邮件和密码时,这是我的整个登录功能。
public function getSignin() {
$return_arr = array();
$email = Input::get('email');
$password = Input::get('password');
$validation = Validator::make(
array(
'Email' => $email,
'Password' => $password
), array(
'Email' => 'required|Email',
'Password' => 'required'
)
);
if ($validation->passes()) {
$pass = base64_encode($password);
$details = array ('email' => $email, 'password' => $pass);
if (Auth::attempt($details)) {
$return_arr['frm_check'] = 'success';
$return_arr['msg'] = 'logged in';
} else {
$return_arr['frm_check'] = 'error';
$return_arr['msg'] = 'log in failed';
}
} else {
$errors = $validation->messages();
$return_arr['frm_check'] = 'error';
$return_arr['msg'] = $errors->first();
}
echo json_encode($return_arr);
$this->layout = null;
return;
}
Even though the email and password are in the same row in the database, it still returns log in failed, was wondering if anyone could shed some light on to this situation? 即使电子邮件和密码在数据库的同一行中,它仍然会返回登录失败的信息,想知道是否有人可以对此情况有所了解吗?
If I've missed off any other crucial details let me know and I'll post them right away. 如果我错过了任何其他关键细节,请告诉我,我会立即发布。 Thanks in advance. 提前致谢。
3 个解决方案
解决方案1
3 已采纳 2013-09-05 19:30:54
Based on your comments... 根据您的评论...
When you're creating your $user, use Hash::make($password) to hash the password using BCrypt, before saving it in your db. 创建$ user时, Hash::make($password)使用Hash::make($password)使用BCrypt对密码进行哈希处理,然后再将其保存在数据库中。
Then, when the user's logging in just use Auth::attempt($credentials) as you are, but don't use base_64 to encrypt it, the Auth method does it all for you! 然后,当用户登录时按原样使用Auth::attempt($credentials) ,但不使用base_64对其进行加密,则Auth方法将为您完成所有工作!
Much more on the excellent Laravel docs: http://laravel.com/docs/security 有关出色的Laravel文档的更多信息: http ://laravel.com/docs/security
解决方案2
0 2013-09-05 19:03:25
Unless you have base64 encoded your password on save(), remove this line from your code: 除非您在save()上使用base64编码密码,否则请从代码中删除以下行:
$pass = base64_encode($password);
And edit this one to: 并将其编辑为:
$details = array ('email' => $email, 'password' => $password);
Auth::attempt() will hash it for you, using something safer than base64. Auth::attempt()会使用比base64更安全的方式为您进行哈希处理。
EDIT: 编辑:
To correctly save your passwords you have to do something like this: 要正确保存密码,您必须执行以下操作:
$user = new User;
$user->email = 'me@me.com';
$user->password = Hash::make('mySuperSecretPassword');
$user->save();
Then you can user attempt just passing it unhashed. 然后,您可以尝试仅将其散列传递给用户。
解决方案3
0 2013-09-11 13:02:47
Here's a tutorial I wrote; 这是我写的教程。 which might help! 这可能有帮助!
https://medium.com/on-coding/e8d93c9ce0e2 https://medium.com/on-coding/e8d93c9ce0e2
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.