如何解密密码以登录laravel?

时间:2019-05-22 11:04:22

标签: php laravel mongodb eloquent

在更改密码时,我正在使用此功能

public function passwordChange(Request $request, $userId)
    {
        $user = User::find($userId);
        $user->password = Crypt::encrypt(Input::get('password'));
        $user->save();
        return redirect('my-profile');
    }

因此,在mongoDb数据库密码中以加密形式插入,因此,当我每次必须登录系统时,如何将我的密码与数据库密码进行比较

 public function authenticate(Request $request)
    {

        $rules = array(
            'company_email' => 'required|email|exists:users,company_email',
            'password' => 'required|string|max:20|min:4',
        );

        $validator = Validator::make(Input::all(), $rules);
        if ($validator->fails()) 
        {
            return view('pages.login')->with('v_errors', $validator->errors()->messages());
        } 
        else 
        {
            //get email and query
            $authenticateMe = $request->only('company_email', 'password');
            $user = User::where($authenticateMe)->first();

            if (empty($user)) 
            {
                return view('pages.login')->with('not_exists', 'true');
            }
            //session set
            // Session::put('key', $user->username, $user->file);
            Session::put('key', ['username' => $user->username, 'email' => $user->company_email, 'userId' => $user->id, 'profilePicture' => $user->file]);
            return redirect('my-profile');
        }
    }

我没有使用php artisan make:auth 谁能帮忙吗?

3 个答案:

答案 0 :(得分:0)

使用散列代替加密密码。 Laravel拥有有关如何使用它的文档:https://laravel.com/docs/5.8/hashing

答案 1 :(得分:0)

您尝试了以下类似方法吗?

$user = User::where([['company_email','=',$request->get('company_email')], 
['password','=',Crypt::encrypt($request->get('password'))]])
->first();

在检查数据库之前手动加密?

答案 2 :(得分:0)

简而言之,您不能解密加密的密码,但是可以通过向Auth :: attempt()函数添加用户电子邮件和密码数组来检查用户凭据,这是描述的链接:https://laravel.com/docs/5.8/authentication#authenticating-users

这是使用Auth :: attempt()的函数:

public function authenticate(Request $request)
{

    $rules = array(
        'company_email' => 'required|email|exists:users,company_email',
        'password' => 'required|string|max:20|min:4',
    );

    $validator = Validator::make(Input::all(), $rules);
    if ($validator->fails()) 
    {
        return view('pages.login')->with('v_errors', $validator->errors()->messages());
    } 
    else 
    {
        //get email and query
        $authenticateMe = $request->only('company_email', 'password');

        if (Auth::attempt($authenticateMe)) {
            $user = User::find(Auth::user()->id);

            //session set
            // Session::put('key', $user->username, $user->file);
            Session::put('key', ['username' => $user->username, 'email' => $user->company_email, 'userId' => $user->id, 'profilePicture' => $user->file]);
            return redirect('my-profile');    
        }else{
            return view('pages.login')->with('not_exists', 'true');

        }
    }
}

不要忘记将use Auth;添加到功能控制器

相关问题
最新问题