0

I try to authenticate using a custom table from database.

Table name is kullanicilar and the fields I use for the authentication are eposta and sifre respectively.

My session controller class is like this:

class OturumDenetcisi extends Controller { public function kaydet(Request $request) { if (!\Auth::attempt(['eposta' => $request->eposta, 'password' => $request->sifre])) { return back(); } return redirect()->home(); } // ... }

Also in user model I have

# In user model public function getAuthPassword () { return $this->sifre; }

When I try to authenticate user nothing happens. It takes me back.

Here is the dd ($request->all()); output inside kaydet function which tries to store a new session.

 array:3 [▼ "_token" => "KfbftPRMVkm4bBIWo8WoICOHmaDyvRpDhF8Wk4zq" "eposta" => "[email protected]" "sifre" => "a123" ]

UPDATE : [SOLVED]

After saving the passwords to database using hashing methods now it works as excepted. Here is the complete session controller:

<?php namespace App\Http\Controllers; use Illuminate\Http\Request; use App\Kullanici; use Illuminate\Support\Facades\Hash; class OturumDenetcisi extends Controller { public function __construct() { $this->middleware('guest', ['except' => 'cikisYap']); } public function olustur() { return view('oturumlar.olustur'); } public function kaydet(Request $request) { if (!\Auth::attempt(['eposta' => $request->eposta, 'password' => $request->sifre])) { return back(); } return redirect()->home(); } public function cikisYap() { auth()->logout(); return redirect('/'); } }
Improve this question
4
  • How did you stored the password on the table? Is that a hashed value? Commented Sep 18, 2017 at 16:39
  • No it is stored as normal text. Commented Sep 18, 2017 at 18:25
  • 1
    The attempt() method will hash the password you given in the array and then compare it with the password value from the database. Commented Sep 18, 2017 at 18:28
  • 1
    Sidenote; don't store passwords in your database in plain text. Since you're using Laravel, you have access to Hash:: functions, so passwords should at the very least be stored as $model->password = \Hash::make("password"); There are also packages available for Laravel which handles the Auth stuff automatically; consider researching that too. Commented Sep 18, 2017 at 18:38

1 Answer 1

Reset to default
0

First you have to make sure you are using the proper username column to search for credentials:

<?php namespace App\Data\Entities; use Illuminate\Notifications\Notifiable; use Illuminate\Foundation\Auth\User as Authenticatable; class User extends Authenticatable { use Notifiable; /** * Get the login username to be used by the controller. * * @return string */ public function username() { return 'eposta'; } }

Then you also have to check if your user is being found with the credentials you are sending to Laravel, so this is a way to test it:

public function kaydet(Request $request) { $user = User::where('eposta', $request->eposta)->first(); dump($user); // does it find the user? dd(Hash::check($request->sifre, $user->password)); // is the password right? if (!\Auth::attempt(['eposta' => $request->eposta, 'password' => $request->sifre])) { return back(); } return redirect()->home(); }
Improve this answer
Sign up to request clarification or add additional context in comments.

2 Comments

It finds the user but the output of the second dd function is false.
Looks like your passwords are not matching. You have to check the password hash