Reputation: 3
How to decrypt password in Laravel 4 when selecting a record from the database using the Eloquent Model Class?
I've a small application where users can make accounts and also edit there accounts inclusive their passwords. I want to insert all the records of the account, which I select from the database, in the inputs of the editform by using the value="value here" option.
The case is that I use a Validator to validate the input of the user, this Validator is the same to create and edit an account.:
class Account extends Validator {
public static $rules = [
'name' => 'required|alpha|min:2',
'secondname' => 'alpha_spaces|min:2',
'lastname' => 'required|alpha|min:2',
'email' => 'required|email|unique:accounts',
'password' => 'required|alpha_num|between:6,12|confirmed',
'password_confirmation' => 'required|alpha_num|between:6,12'
];
}
This is my edit-form:
This is my code where I select the records from the db:
$q = Input::get('query');
$result = Account::where('id', '=', $q)->get();
In this case will the password be inserted in the input as hashed. So when the user even don't want to change his password it changes, because the hashed password will again be hashed.
So I need in some way select the password unhashed so when the user don't want to edit his password it stays the same.
Can somebody help me out?
Upvotes: 0
Views: 2301
Answers (1)
Reputation: 29413
If I understand correctly you only want to change a password for a user if he inputs it, and if so, I would've done it like this.
- I would remove
alpha_num,betweenandconfirmedfor thepasswordrule. Removing that allows for a more secure password. - I would add
same:password_confirmationto thepasswordrule, this makes sure both fields are equal. - I would remove the rule for
password_confirmation,same:password_confirmationalready takes care of that.
So in the end your array should look like this:
public static $rules = [
'name' => 'required|alpha|min:2',
'secondname' => 'alpha_spaces|min:2',
'lastname' => 'required|alpha|min:2',
'email' => 'required|email|unique:accounts',
'password' => ['required', 'same:password_confirmation']
];
This works fine when you create a new user, but this will run the password requirement check if we edit a user (your current problem). To fix this we must remove required from password. Because we now have the password rules as an array and we know that required is the first item of that array, we can just remove it before running the validation for when updating a user.
We will also need to make sure not to insert an empty password and hash it if user typed to change it.
$input = Input::all();
// make sure not to insert empty password
if (empty($input['password']))
unset($input['password']);
// remove the requirement of password
unset(Account::$rules['password'][0]);
// validate our rules
$validator = Validation::make($input, Account::$rules);
if ($validator->fails()) {
// do something if error
}
// hash if new password
if ( ! empty($input['password']))
$input['password'] = Hash::make($input['password']);
Account::find($accountId)->update($input);
Upvotes: 1
Related Questions
- Encrypt/Decrypt DB fields in laravel
- Decrypt Laravel encrypted values
- How to encrypt value of DB query in Laravel
- Laravel encrypt password before storing on DB and decrypt it to use on email settings
- Can laravel make password encryption like mysql password() function?
- How can i decrypt a password in laravel using decrypt()?
- Laravel 5 - Text to Encrypted Password
- Decrypt Data in Laravel that was Encrypted Using AES_ENCRYPT in MySQL
- Laravel Eloquent - Encrypting/Decrypt Data on call
- How to get encrypted password value in laravel?