在更改密码时,我正在使用此功能
public function passwordChange(Request $request, $userId)
{
$user = User::find($userId);
$user->password = Crypt::encrypt(Input::get('password'));
$user->save();
return redirect('my-profile');
}
因此,在mongoDb数据库密码中以加密形式插入,因此,当我每次必须登录系统时,如何将我的密码与数据库密码进行比较
public function authenticate(Request $request)
{
$rules = array(
'company_email' => 'required|email|exists:users,company_email',
'password' => 'required|string|max:20|min:4',
);
$validator = Validator::make(Input::all(), $rules);
if ($validator->fails())
{
return view('pages.login')->with('v_errors', $validator->errors()->messages());
}
else
{
//get email and query
$authenticateMe = $request->only('company_email', 'password');
$user = User::where($authenticateMe)->first();
if (empty($user))
{
return view('pages.login')->with('not_exists', 'true');
}
//session set
// Session::put('key', $user->username, $user->file);
Session::put('key', ['username' => $user->username, 'email' => $user->company_email, 'userId' => $user->id, 'profilePicture' => $user->file]);
return redirect('my-profile');
}
}
我没有使用php artisan make:auth 谁能帮忙吗?
答案 0 :(得分:0)
使用散列代替加密密码。 Laravel拥有有关如何使用它的文档:https://laravel.com/docs/5.8/hashing
答案 1 :(得分:0)
您尝试了以下类似方法吗?
$user = User::where([['company_email','=',$request->get('company_email')],
['password','=',Crypt::encrypt($request->get('password'))]])
->first();
在检查数据库之前手动加密?
答案 2 :(得分:0)
简而言之,您不能解密加密的密码,但是可以通过向Auth :: attempt()函数添加用户电子邮件和密码数组来检查用户凭据,这是描述的链接:https://laravel.com/docs/5.8/authentication#authenticating-users?>
这是使用Auth :: attempt()的函数:
public function authenticate(Request $request)
{
$rules = array(
'company_email' => 'required|email|exists:users,company_email',
'password' => 'required|string|max:20|min:4',
);
$validator = Validator::make(Input::all(), $rules);
if ($validator->fails())
{
return view('pages.login')->with('v_errors', $validator->errors()->messages());
}
else
{
//get email and query
$authenticateMe = $request->only('company_email', 'password');
if (Auth::attempt($authenticateMe)) {
$user = User::find(Auth::user()->id);
//session set
// Session::put('key', $user->username, $user->file);
Session::put('key', ['username' => $user->username, 'email' => $user->company_email, 'userId' => $user->id, 'profilePicture' => $user->file]);
return redirect('my-profile');
}else{
return view('pages.login')->with('not_exists', 'true');
}
}
}
不要忘记将use Auth;
添加到功能控制器