Reputation: 1489
Unable to authenticate a user in Laravel: 'invalid username or password'
I have the username and password passed via a post request from my view to the controller. The controller responsible for handling the post request:
public function postLogin(Request $request) {
$this->validate($request, [
'username' => 'required',
'password' => 'required'
]);
if (!Auth::attempt([
'username' => $request['username'],
'password' => $request['password'] ])) {
return redirect()->back()->with(['fail' => 'invalid username or password']);
}
return redirect()->route('auth.dashboard');
}
The problem is I keep getting 'fail' message: 'invalid username or password'.
I looked at the table inside the phpmyadmin, and the username and password were pretty simple (username: Admin & password: 12345).
This is the database for the admins table :
class CreateAdminsTable extends Migration
{
public function up()
{
Schema::create('admins', function (Blueprint $table) {
$table->increments('id');
$table->timestamps();
$table->string('username')->unique();
$table->string('password');
$table->rememberToken();
});
}
public function down()
{
Schema::drop('admins');
}
}
For reference, I am using Laravel 5.2
update 1: The users are created via the registration controller, which stores the username and password in the database. Here is the controller:
public function postRegister(Request $request) {
$admin = new Admin();
$this->validate($request, [
'username' => 'required|unique:admins|max:30|min:3',
'password' => 'required|min:5',
'password_confirm' => 'required'
]);
$password = $request['password'];
$passwordConfirm = $request['password_confirm'];
if ($password !== $passwordConfirm) {
return redirect()->back()->with(['fail' => 'password fields do not match!']);
}
$hashedPassword = password_hash($password, PASSWORD_BCRYPT);
$admin->username = $request['username'];
$admin->password = $hashedPassword;
$admin->save();
return redirect()->route('index')->with(['success' => 'Successfully created account!']);
}
Upvotes: 1
Views: 2989
Answers (4)
Reputation: 469
i prefer using Hash::make instead of password_hash. because there's an additional option in Hash::make that was passed to password_hash. Thats why the hashing didnt matched
Upvotes: 1
Reputation: 2937
Laravel will expect hashed passwords.
So if the password in phpmyadmin is visible, it won't work be able to be verified in Laravel. I would expect the password in phpmyadmin to look like this $2y$13$Cn0gwiUfg2mq5Y3/V98aB.NZ4GJqjbwhvKlsSAOYkVNHKlWRmwZ1W
Upvotes: 0
Reputation: 469
your always getting false in Auth::attempt because the password in your database in not hash. Hash your password in your database first. You could use the seeder in order to seed in the database
class UserSeeder extends Seeder
{
public function run()
{
//your admin model
Admin::create([
'username' => 'admin',
'password' => Hash::make(123)
]);
}
}
hope this will help.
Upvotes: 1
Reputation: 420
Please change login function with following code.
public function postLogin(Request $request) {
$this->validate($request, [
'username' => 'required',
'password' => 'required'
]);
if (Auth::attempt([
'username' => $request['username'],
'password' => $request['password'] ],$remember)) {
return redirect()->route('auth.dashboard');
}
return redirect()->back()->with(['fail' => 'invalid username or password']);
}
Note : Here $remember should be a 1/0 or TRUE/FALSE.
Hope this will help you.
Upvotes: 0
Related Questions
- laravel 7 adding radio in register form
- Auth::user() returns null
- form doesn't work in laravel 7, nothing happened
- login form - unable to login in codeigniter
- Laravel 5.8 change password functionality
- Create laravel 5.2 user registration for multiple user with user_type field in one user table
- Validate Username and Password separately in PHP ajax
- Redirecting to the same route /user/{{username}} Laravel 4+