php Laravel Hash::check() 总是返回 false
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/21495502/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Laravel Hash::check() always return false
提问by DolDurma
I have profile form for user can edit own profiles. in this form I have current password. that must be match from seved into database.
我有用户的个人资料表格,可以编辑自己的个人资料。在这种形式中,我有当前密码。必须从 seved 匹配到数据库。
Form:
形式:
{{ Form::password('currPassword', array('id'=>'currPassword')) }}
i want to have this function in Controller to check this with database.
我想在控制器中有这个功能来检查数据库。
$data = User::find($id);
if( ! Hash::check( $data->password , Input::get('currPassword') ) )
{
return Redirect::to('/admin/profile')
->with('message', 'Current Password Error !')
->withInput();
}
hashed 123456password into database is ok and after putting 123456in currPasswordthat must be return TRUEbut that return FALSEalways.
哈希123456密码进入数据库是确定的,并把后123456在currPassword那一定是收益TRUE但回报FALSE始终。
回答by Joel Hinz
You're using the wrong argument order. It's Hash::check($input, $hash), not the other way around.
您使用了错误的参数顺序。它是Hash::check($input, $hash),而不是相反。
Short tinker example:
短修补程序示例:
[1] > $pw = 123456;
// 123456
[2] > $hashed = Hash::make($pw);
// 'y$xSugoyKv765TY8DsERJ2/.mPIOwLNdM5Iw1n3x1XNVymBlHNG4cX6'
[3] > Hash::check($hashed, $pw);
// false
[4] > Hash::check($pw, $hashed);
// true
回答by Hasib Kamal
Hash::check() has two parameters first one is plane password and another is hashed password. If password matched with hash it will return true.
Hash::check() 有两个参数,一个是平面密码,另一个是散列密码。如果密码与哈希匹配,它将返回 true。
Hash::check(normal_password,hashed_password);
Example :
例子 :
Hash::check('123456a','y$.XB30GO4jn7bx7EauLrWkugIaCNGxiQCgrFTeFDeSSrGdQYd6Rneq');
回答by Alexey Shabramov
I had the same issue and solved it like this:
我遇到了同样的问题并像这样解决了它:
I found that I was using the Hash::make function in my RegistrationService class and more important that I had alreadyused the setPasswordAttributefunction in my User modelwhich were quickly forgotten:
我发现我在我的 RegistrationService 类中使用了 Hash::make 函数,更重要的是我已经在我的User 模型中使用了setPasswordAttribute函数,但很快就忘记了:
class User extends Model implements AuthenticatableContract, AuthorizableContract
{
...
/**
* @param $value
*/
public function setPasswordAttribute($value)
{
$this->attributes['password'] = Hash::make($value);
}
}
So the password was double hashed and of course every Hash::check call was incorrect and return false.
所以密码是双重散列的,当然每个 Hash::check 调用都不正确并返回 false。
回答by Amitesh
Though above answers are valid for the question provided, I'm adding more explanation to give details insights
尽管以上答案对所提供的问题有效,但我正在添加更多解释以提供详细信息
Verifying A Password Against A Hash
根据散列验证密码
The check method allows you to verify that a given plain-text string corresponds to a given hash. However, if you are using the LoginController included with Laravel, you will probably not need to use this directly, as this controller automatically calls this method:
check 方法允许您验证给定的纯文本字符串是否对应于给定的散列。但是,如果您使用 Laravel 附带的 LoginController,您可能不需要直接使用它,因为此控制器会自动调用此方法:
if (Hash::check('plain-text', $hashedPassword)) {
// The passwords match...
}
check() method is declare in HasherInterface
check() 方法在 HasherInterface 中声明
This method is to Check the given plain value against a hash.
此方法是根据散列检查给定的纯值。
bool check(string $value, string $hashedValue, array $options = array())
Check the given plain value against a hash.
根据散列检查给定的普通值。
Parameters
参数
string $value
string $hashedValue
array $options
字符串 $value
字符串 $hashedValue
数组 $options
Return Value
返回值
bool
布尔值
For your example :
对于您的示例:
$data = User::find($id);
if( ! Hash::check(Input::get('currPassword') , $data->password ) )
{
return Redirect::to('/admin/profile')
->with('message', 'Current Password Error !')
->withInput();
}
回答by sohal07
I had the same issue and after spending 2 hours to work it out, I found that I was hashing the password twice before updating it.
1. From the PasswordResetController,
2. And in User model, I had this function:
我遇到了同样的问题,在花了 2 个小时解决之后,我发现在更新密码之前我对密码进行了两次哈希处理。
1. 从 PasswordResetController,
2. 在用户模型中,我有这个功能:
public function setPasswordAttribute($password)
{
$this->attributes['password'] = bcrypt($password);
}
