Laravel 5.1 bcrypt并登录
[英]Laravel 5.1 bcrypt and login
问题描述
When I'm registering a new user in the Laravel framework, I'm currently doing it like this, 
当我在Laravel框架中注册一个新用户时,我现在正在这样做,
// Creating a new user
$user = new User;
$user->firstname = $data['firstname'];
$user->lastname = $data['lastname'];
$user->email = $data['email'];
$user->password = bcrypt($data['password']);
$user->save();
This works great, and I am able to login to the application. 这很好用,我可以登录到该应用程序。 However, I want the user to have an option to change their passwords in their settings page. 但是,我希望用户可以选择在其设置页面中更改其密码。 Doing this, i used the same technique, using 这样做,我使用相同的技术,使用
$newPass = bcrypt($response->new_password);
and updating the user field. 并更新用户字段。 However, after doing this, I'm not able to login? 但是,这样做之后,我无法登录? I'm using the built in authentication service in laravel for the registration/login. 我在laravel中使用内置身份验证服务进行注册/登录。
What am I doing wrong here? 我在这做错了什么? and should i do it another way? 我应该采取另一种方式吗?
I also tried to bcrypt my current password, and i got an completely different hash than the one stored in the database. 我还试图加密我当前的密码,并且我获得了与存储在数据库中的哈希完全不同的哈希。
This so confusing.. 这太混乱..
Updated with controller code, 更新了控制器代码,
// Validation
$this->validate($request, [
'email' => 'email',
'password' => 'min:8|confirmed',
'current_password' => 'required',
]);
// Getting the user ID
$userId = Auth::id();
// Dummy hack check, change later.
if(!Auth::attempt(['id' => $userId, 'password' => $request->current_password]))
{
return redirect('settings')->with('alert','current password is wrong.');
}
// Everything is validated and ok to proceed
if($request->email)
{
$data['email'] = $request->email;
}
if($request->password)
{
$data['password'] = bcrypt("helloworld");
}
$user = User::where('id',$userId)->update($data);
dd($data);
Dump data for the inputs, 转储输入的数据,
+request: ParameterBag {#40 ▼
#parameters: array:5 [▼
"_token" => "JQIIuCjiKQmbK0X5zCM6czYD1vIoh4PGjLO4qrFm"
"email" => "testing@gmail.com"
"password" => "thisisnewpass"
"password_confirmation" => "thisisnewpass"
"current_password" => "helloworld"
]
}
3 个解决方案
解决方案1
0 2015-10-20 22:47:18
This code is closer to how Laravel handles resetting a user's password internally. 此代码更接近Laravel如何处理内部重置用户密码的方式。 Give it a try. 试试看。
// Getting the User
$user = Auth::user(); // Gets the currently logged in User
$credentials = [
'id' => $user->id,
'password' => $request->input('current_password')
];
// Make sure current password is correct
if (!Auth::validate($credentials)) { // Checks the User's credentials
return redirect('settings')->with('alert','current password is wrong.');
}
// Change the password
if ($request->has('password')) {
$user->password = bcrypt($request->input('password'));
}
// Save any changes
$user->save();
It looks like you're using the same form to update the User's email address too, so update the code to fit your needs. 看起来您使用相同的表单来更新用户的电子邮件地址,因此请更新代码以满足您的需求。
解决方案2
0 2015-10-20 23:09:27
Storing the password in an new variable seems to fix the issue (not sure why?) however, this is the code that made everything work, 将密码存储在一个新变量中似乎可以解决问题(不知道为什么?)但是,这是使一切工作的代码,
// Validation
$this->validate($request, [
'email' => 'email',
'password' => 'min:8|confirmed',
'current_password' => 'required',
]);
// Getting the user ID
$userId = Auth::id();
$newPassword = $request->password;
// Dummy hack check, change later.
if(!Auth::attempt(['id' => $userId, 'password' => $request->current_password]))
{
return redirect('settings')->with('alert','Wrong password.');
}
// Everything is validated and ok to proceed
if($request->email)
{
$data['email'] = $request->email;
}
if($request->password)
{
$data['password'] = bcrypt($newPassword);
}
// Getting, and checking if the current password is corrent.
$user = User::where('id',$userId)->update($data);
echo $newPassword . "<br><br>";
dd($data);
If there is any explanations that i don't see, please let me know why. 如果有任何我没有看到的解释,请告诉我原因。 However, it's working now. 但是,它现在正在运作。
解决方案3
0 2017-04-30 05:48:38
For Laravel in year 2017, this is how we roll: 对于2017年的Laravel,这就是我们如何推出:
//create a setter method in your controller
public function setPasswordAttribute( $password ) {
if ( $password !== null ) {
if ( is_null(request()->bcrypt) ) {
$this->attributes['password'] = bcrypt($password);
} else {
$this->attributes['password'] = $password;
}
}
}
Check this link they all are talking about placing it in model but it works inside my own controller. 检查这个链接,他们都在谈论将它放在模型中,但它在我自己的控制器内工作。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.