CODEWITHSUNDEEP
phplaravelauthenticationlaravel-5
Vishal Shetty
Vishal Shetty

Reputation: 1668

How do I manually authenticate user in Laravel 5.4

I am trying to authenticate user in laravel 5.4, using attempt() I am able to authenticate user, but my I want to also check for if user is active or not and also show the custom message depending upon if user is inactive then different message and if username password is different then different message.

My authentication code :

public function checklogin(Request $request)
    {
        $password = bcrypt($request->password);
        $userData = User::where('email',$request->email)->where('password',$password)->first();
        if($userData!=NULL)
        {
            $credentials=array('email' => $request->input('email'),'password' => $request->input('password'),'status' => 'active');

            if(Auth::guard('users')->attempt($credentials)) 
                return redirect()->intended('/dashboard');
             else
             {
                Mail::to($request->email)->send(new VerifyUser($userData));
                return redirect('/')->with('error','Your account is unverified - check your email for account verification link');
             }
        }
        else
            return redirect('/')->with('error','Invalid username or password');


    }

Here, I first want to check if login credentials are correct or not, If they are invalid then it will directly show error message "invalid username or password", if suppose login credentails are correct, then I am trying to attempt login , if user is inactive then I want to show the message that "you need to verify your account" , if user is active then it will redirect user to dashboard.

But in my case I am not able to authenticate user even if I bcrypt the password and cross check it with the password in db table.

Upvotes: 0

Views: 2404

Answers (2)

Emeka Mbah
Emeka Mbah

Reputation: 17545

There are many ways to do this, however since you mentioned in your comment that you are interested in getting line 4 in your code to work

$userData = User::where('email',$request->email)->where('password',$password);

Line above will not work since bcrypt generates new hash which doesn't match the hashed password in database.

You can do this instead:

$userData = User::where('email',$request->email)->first();

if ($userData && Hash::check($request->password, $userData->password))
{
    // The passwords match...
}

Upvotes: 2

Zedex7
Zedex7

Reputation: 1672

Notice Comments. This should work.

  public function checklogin(Request $request)
    {
      $password = bcrypt($request->password);
      $userData = User::where('email',$request->email)->where('password',$password);
      if($userData->get()->count() > 0) //Check if User exists
      {
        if($userData->where('status','inactive')->get()->count() > 0) // Check if User is inactive
        {
          Mail::to($request->email)->send(new VerifyUser($userData->get()->first()));
          return redirect('/')->with('error','Your account is unverified - check your email for account verification link');
        }

        $credentials=array('email' => $request->input('email'),'password' => $password); // passing hashed password

        if(Auth::guard('users')->attempt($credentials)) 
          return redirect()->intended('/dashboard');
      }
      else
        return redirect('/')->with('error','Invalid username or password');
    }

Upvotes: 1

Related Questions