Jason Kirby
Reputation: 107
Laravel - Need to Authenticate with No Password Encryption
I'm trying to add authentication to an existing application for a company that has a table that stores its users with plain-text password. In Laravel, I know that I can use Auth::attempt() in order to authenticate a user, but the password is checked against a hashed password. How to I go about checking a plain-text password instead?
Upvotes: 0
Views: 2302
Answers (1)
Alexey Mezenin
Reputation: 163768
Just check the password and login user manually with the loginUsingId() method:
if ($user->password === $request->password) {
auth()->loginUsingId($user->id);
}
I'd also recommend you to hash all the passwords. Storing plain text passwords is a terrible thing to do. Do something like this just once (in Tinker, for example):
$users = User::all();
foreach ($users as $user) {
$user->update(['password' => bcrypt($user->password)]);
}
Upvotes: 2
Related Questions
- In laravel How to validate password
- How to login with Crypt encryption in login controller
- Laravel 5.1 Authentication without password
- Laravel auth, disable password
- Laravel authentication with encrypt password
- Trying to Authenticate user without password in Laravel
- Laravel store secure password and authenticate
- Laravel 5 login without password
- Laravel password encryption
- laravel 4 auth::attempt password in plaintext