php Laravel - Auth::attempt没有返回正确的响应

lndjwyie  于 2023-05-16  发布在  PHP
关注(0)|答案(4)|浏览(157)

这是我的登录控制器。像这样它不工作:

<?php

namespace App\Http\Controllers;

use App\Account;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class LoginController extends Controller
{
    public function authenticate(Request $request)
    {
        $credentials = array(
            'email'=> $request->email,
            'password'=> hash('sha512', $request->password)
        );

        if (Auth::attempt($credentials)) {
            echo "Login is valid";
        } else {
            echo "IT is not valid login!";
        }

        var_dump($credentials);

    }
}

然而,像这样它的工作原理:

<?php

namespace App\Http\Controllers;

use App\Account;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class LoginController extends Controller
{
    public function authenticate(Request $request)
    {
        $credentials = array(
            'email'=> $request->email,
            'password'=> hash('sha512', $request->password)
        );

        if (Account::where($credentials)) {
            echo "Login is valid";
        } else {
            echo "IT is not valid login!";
        }

        var_dump($credentials);

    }
}

以下是我如何创建帐户:

$account = new Account();
    $account->email = $request->email;
    $account->password = hash('sha512', $request->password);
    $account->name = $request->firstName;
    $account->lastname = $request->lastName;
    $account->country = $request->country;
    $account->dob_day = $request->dobDay;
    $account->dob_month = $request->dobMonth;
    $account->dob_year = $request->dobYear;
    $account->save();

下面是我的auth.php配置文件:https://pastebin.com/VqPCNsYC
为什么Auth::attempt没有返回正确的响应?我确信数据被正确地给出和散列,因为Account::where($credentials)这个检查返回Login is valid
我是Laravel的新手。你能帮帮我吗?

jdgnovmf

jdgnovmf1#

在你的代码中有一点混乱:
1)Account::where($credentials)总是true,因为它返回Illuminate\Database\Eloquent\Builder的一个示例,所以每次输入都会得到"Login is valid"
2)Auth::attempt($credentials)不会尝试使用提供的所有凭证检索User,但它会显式地从where删除password密钥,该密钥用于获取User模型(您可以在Illuminate\Auth\EloquentUserProvider中的retrieveByCredentials()函数中看到这一点)。在检索到User之后,它检查登录输入中提供的密码是否与它存储在数据库中的密码的哈希值相匹配。
3)你不需要对密码进行哈希,它不用于根据第2点检索用户(顺便说一句,每次你hash密码 * 哈希 * 是不同的,所以你不能像你尝试的那样在where中使用它),所以你必须这样写:

$credentials = array(
            'email'=> $request->email,
            'password'=> $request->password
        );

4)Laravel不使用hash('512',..)来散列register控制器中的密码,支持的散列驱动程序有:bcryptargonargon2id,您可以在config/hashing.php中更改它。Laravel在注册控制器中使用Hash::make(),如果你改变了这个好运气,你必须改变提供者检查密码的方式(参见Illuminate\Auth\EloquentUserProvider)。但这应该是另一个问题。
希望这能帮上忙。

d8tt03nd

d8tt03nd2#

要将密码与存储在数据库中的密码(散列密码)进行比较,您不需要对其进行散列。只需使用未哈希的密码版本:

public function authenticate(Request $request)
{
    $credentials = array(
        'email'=> $request->email,
        'password'=> $request->password, // <----
    );

    if (Auth::attempt($credentials)) {
        echo "Login is valid";
    } else {
        echo "IT is not valid login!";
    }

    var_dump($credentials);
}

Laravel会对密码进行哈希处理,并将其与数据库中的密码进行比较。

cygmwpex

cygmwpex3#

根据docs,您只需要在验证中提供简单的密码。

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;

class LoginController extends Controller
{
/**
 * Handle an authentication attempt.
 *
 * @param  \Illuminate\Http\Request $request
 *
 * @return Response
 */
public function authenticate(Request $request)
{
    $credentials = $request->only('email', 'password');


if (Account::where($credentials)) {
        echo "Login is valid";
    } else {
        echo "IT is not valid login!";
    }

    var_dump($credentials);
}

现在它将为您提供所需的输出。

nkcskrwz

nkcskrwz4#

主要的问题是echo(echo不会停止其余的代码执行)。

public function authenticate(Request $request)
{
    $credentials = array(
        'email'=> $request->email,
        'password'=> $request->password
    );

    if (Auth::attempt($credentials)) {
        dd("Login is valid"); // use return or dd instead of echo "Login is valid" (it will work with exit like echo('msg'); exit;)
    } else {
        dd("IT is not valid login!");
    }
    var_dump($credentials);
}

相关问题