基本的 Laravel 身份验证无法登录
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/27762553/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Basic laravel auth cannot login
提问by ka ern
I have id and password, in table account. I'll login with id and password. And the results is bad
我有 id 和密码,在表帐户中。我会用ID和密码登录。结果很糟糕
auth.php
身份验证文件
'driver' => 'database',
'model' => 'Pass',
'table' => 'account',
models/Pass.php
模型/Pass.php
use Illuminate\Auth\UserTrait;
use Illuminate\Auth\UserInterface;
use Illuminate\Auth\Reminders\RemindableTrait;
use Illuminate\Auth\Reminders\RemindableInterface;
class Pass extends \Eloquent implements UserInterface, RemindableInterface
{
use UserTrait, RemindableTrait;
protected $table = 'account';
PassController.php
密码控制器.php
public function authenticate()
{
$userdata = array( 'id' => Input::get('id'), 'password' => Input::get('password'));
if(Auth::attempt($userdata))
{
echo 'oke';
}
else
{
echo 'bad';
}
}
in views
在视图中
{{Form::open(array('action' => 'PassController@authenticate')) }}
...
routes.php
路由文件
Route::post('book/auth', 'PassController@authenticate');
How to resolve this? I use laravel 4.2
如何解决这个问题?我使用 Laravel 4.2
回答by lukasgeiter
You definitely should, no you basically have tostore passwords hashed. Having plain text passwords in your db is a major security risk.
你绝对应该,不,你基本上必须存储散列密码。在您的数据库中使用纯文本密码是一个主要的安全风险。
Now obviously you need to hash the password when creating a new user. (in your registration controller or something like that).
现在显然您需要在创建新用户时散列密码。(在您的注册控制器或类似的东西中)。
However to change your existing password manually you can use artisan tinkerto generate a hash.
但是,要手动更改现有密码,您可以使用它artisan tinker来生成哈希值。
php artisan tinker
> echo Hash::make('your-secret-password');
Then copy the hash and update it in your db.
然后复制哈希并在您的数据库中更新它。
Also make sure that the password field in your database is at least 60 characters longotherwise the hash will be truncated.
还要确保数据库中的密码字段至少有60 个字符长,否则散列将被截断。
Update
更新
Try this one for testing:
试试这个进行测试:
public function authenticate()
{
$user = Pass::find(Input::get('id'));
if(Hash::check(Input::get('password'), $user->password))
{
echo 'oke';
}
else
{
echo 'bad';
}
}
Update 2
更新 2
If your hashed password colummn is called hashed_pass(or anything else than password) you need to specify that in your model:
如果您的散列密码列被调用hashed_pass(或其他任何东西password),您需要在模型中指定:
public function getAuthPassword()
{
return $this->hashed_pass;
}
