Laravel: How can I change the default Auth Password field name?

Question

I am currently working on my first laravel project and I am facing a problem.

If you have experience with laravel you probably know that by calling php artisan make:auth you will get a predefined mechanism that handles login and registration.

This mechanism is set to understand a couple of commonly used words in order to automate the whole procedure.

The problem that occurs in my case is that I am using oracle db and it won't let me have a table column with the name of password because its a system keyword and it throws errors when trying to insert a user.

So far, I have tried to change my password column to passwd and it worked in my registration form as expected. The User row was successfully inserted and my page was redirected to /home.

But when I try to logout and then relogin, I get this error telling me that my credentials are not correct:

As for my code, I have changed my RegisterController.php so that it takes username instead of email

protected function validator(array $data)
{
    return Validator::make($data, [
        'username' => 'required|max:50|unique:ECON_USERS',
        'passwd' => 'required|min:6|confirmed',
    ]);
}

protected function create(array $data)
{
    return User::create([
        'username'   => $data['username'],
        'passwd'     => bcrypt($data['passwd'])
    ]);
}

The User $fillable

protected $fillable = [
    'username', 'passwd'
];

I am guessing that Auth is trying to authenticate with email and not username or that Auth is searching for password and not passwd.

Answer 1

IN Custom Controller

public function login(Request $request){

    if (Auth::attempt(['email' => $request->email,'password' => $request->password], false)){

         return redirect()->intended(route('subportal.dashboard'));
    }

    return $this->sendFailedLoginResponse($request);
}

protected function validateLogin(Request $request)
{
    $this->validate($request, [
        $this->username() => 'required', 'password' => 'required',
    ]);
}

/**
 * Get the login username to be used by the controller.
 *
 * @return string
 */
public function username()
{
    return 'email';
}

In App/Users.php

public $table = "customer";
protected $primaryKey = 'cust_id';
/**
 * The attributes that are mass assignable.
 *
 * @var array
 */
protected $fillable = [
    'name', 'pass', 'email','record_date',
];

public function getAuthPassword() {
    return $this->pass;
}

Answer 2

If you are using the latest version. I am returning it like the following code below for a custom password field. On my end, I am using Lumen 6.x though it would apply to current version of Laravel also.

/**
 * Get the custom password field for the user.
 *
 * @return string
 */
public function getAuthPassword()
{
    return $this->custom_password_field_here;
}

Answer 3

In Laravel 5.7 beside above answer you must change EloquentUserProvider class. search in the file for 'password' word in lines (107,117, and 140) you found 'password' word and change it with new name, and this is all solustion.

• In User Model add this method :

public function getAuthPassword(){
    return $this->new_password_name;
}

• In LoginController add this :

protected function validateLogin(Request $request){
    $this->validate($request, [
        $this->username() => 'required',
        'new_password_name' => 'required',
    ]);
}
protected function credentials(Request $request)
{
    return $request->only($this->username(), 'new_password_name');
}
public function username()
{
    return 'new_username';//or new email name if you changed
}

• In login.blade.php change id and name of html element.
• In EloquentUserProvider class inside validateCredentials and retrieveByCredentials function change 'password' word with the new name.

Edit :I change EloquentUserProvider class but if you think changing laravel class is a bad practice you can create custom provider and override the retrieveByCredentials and validateCredentials functions in the custom provider.

Answer 4

Use this. It's work for me.

So far I have changed the User.php

public function getAuthPassword(){  
    return $this->senha;
}

and

public function setPasswordAttribute($value)
    {
        $this->attributes['password'] = bcrypt($value);
    }

Also on LoginController.php

public function username()
{
    return 'usuario';
}

Answer 5

For having username instead of email, you can overwrite username() in your LoginController.php

/**
 * Get the login username to be used by the controller.
 *
 * @return string
 */
public function username()
{
    return 'username';
}

And for passwd instead of password, you can do define an accessor in your App\User.php

/**
 * Get the password for the user.
 *
 * @return string
 */
public function getAuthPassword()
{
    return $this->passwd;
}

login.blade.php : Replace email input with username but do not change the name of the input for password.

Answer 6

In your AuthController.php (Located in app/http/Controllers/Auth)

public function postLogin(Request $request)
{
    $this->validate($request, [
                'username' => 'required',
                'password' => 'required',
    ]);

    $credentials = ($request->only('username', 'password'));
    if ($this->auth->attempt($credentials)) {
       //do something, credentials is correct!   
    }
    return "Ops! snap! seems like you provide an invalid login credentials";

}

Answer 7

In the app/Http/Controllers/Auth/LoginController override the default class by adding:

/**
 * Validate the user login request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return void
 */
protected function validateLogin(Request $request)
{
    $this->validate($request, [
        $this->username() => 'required', 'passwd' => 'required',
    ]);
}

Don't forget to add use Illuminate\Http\Request;

It could be you have to add this too to your LoginController.

/**
     * Get the needed authorization credentials from the request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return array
     */
    protected function credentials(Request $request)
    {
        return $request->only($this->username(), 'passwd');
    }

That should do it.