php 如何在laravel 4中匹配输入密码和数据库哈希密码
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/25132507/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
How to match input password and database hash password in laravel 4
提问by user3825129
How to authenticate a user password from a given request in Laravel? How is the password checked against the password hash stored in the database?
如何从 Laravel 中的给定请求验证用户密码?如何根据存储在数据库中的密码哈希检查密码?
回答by Darren Taylor
First, you'll need to find the User who is logging in based on email address or username or however you identify them, for example:
首先,您需要根据电子邮件地址或用户名或您识别它们的方式找到正在登录的用户,例如:
$user = User::where('email', '=', '[email protected]')->first();
Then, you'll need to CHECK the hashed password, like so:
然后,您需要检查散列密码,如下所示:
Hash::check('INPUT PASSWORD', $user->password);
This will return true or false based on whether or not the password matches.
这将根据密码是否匹配返回 true 或 false。
回答by Vishal Vaghasiya
Laravel Login Authentication:
Laravel 登录认证:
public function login(Request $request)
{
$email = $request->input('email');
$password = $request->input('password');
$user = User::where('email', '=', $email)->first();
if (!$user) {
return response()->json(['success'=>false, 'message' => 'Login Fail, please check email id']);
}
if (!Hash::check($password, $user->password)) {
return response()->json(['success'=>false, 'message' => 'Login Fail, pls check password']);
}
return response()->json(['success'=>true,'message'=>'success', 'data' => $user])
}
回答by Dhruv Yadav
$email = Input::get('email');
$user = User::where('email', '=', $email)->first();
if (!$user) {
return response()->json(['success'=>false, 'message' => 'Not Login successfull']);
}
if (!Hash::check(Input::get('password'), $user->password)) {
return response()->json(['success'=>false, 'message' => 'Not Login successfull']);
}
return response()->json(['success'=>true,'message'=>'success', 'data' => $user]);
回答by Tlzdeveloper786
Step 1: first get user data from DB
第一步:首先从DB获取用户数据
$user = User::where('email', '=', $request->input('email'))->first();
Step 2: Get user password as
第 2 步:获取用户密码为
$user->password
Step 3: Validate it as
第 3 步:将其验证为
if(Hash::check($password, $user->password)) {
return response()->json(['status'=>'true','message'=>'Email is correct']);
} else {
return response()->json(['status'=>'false', 'message'=>'password is wrong']);
}
woo hoo!!!!! you have done :)
呜呜!!!!!你已经完成了:)
回答by Prashant Barve
You can create the below method to find the user authentication as explained on the laravel website for authentication:
您可以创建以下方法来查找用户身份验证,如 laravel 网站上的说明进行身份验证:
public function authenticate(Request $request)
{
$credentials = $request->only('email', 'password');
if (Auth::attempt($credentials)) {
// Authentication passed...
// use the below code to redirect the user to dashboard.
// return redirect()->intended('dashboard');
}
}
Please check the link below for more details regarding authentication on laravel website: https://laravel.com/docs/5.6/authentication#authenticating-users
有关 laravel 网站上身份验证的更多详细信息,请查看以下链接:https://laravel.com/docs/5.6/authentication#authenticating-users
回答by Plabon Dutta
From Laravel 5 onward, you can use the bcrypt()function to hash a plaintext. So, you can save that hashed password in DB and then, compare the hashed password again to match.
从 Laravel 5 开始,您可以使用该bcrypt()函数来散列明文。因此,您可以将该散列密码保存在数据库中,然后再次比较散列密码以进行匹配。
$save_password = bcrypt('plain_text_password');
$check_password = bcrypt('provided_password_while_login_request');
And then, compare these two. You're good to go.
然后,比较这两个。你很高兴去。
Or, if you want to go with the Laravel way:
或者,如果您想使用 Laravel 方式:
$credentials = $request->only('email', 'password');
if (Auth::attempt($credentials)) {
// Authentication passed...
return redirect()->intended('dashboard');
}
As per Laravel documentation, and I quote: "The attempt method accepts an array of key / value pairs as its first argument. The values in the array will be used to find the user in your database table. So, in the example above, the user will be retrieved by the value of the email column. If the user is found, the hashed password stored in the database will be compared with the password value passed to the method via the array. You should not hash the password specified as the password value, since the framework will automatically hash the value before comparing it to the hashed password in the database.If the two hashed passwords match an authenticated session will be started for the user.
根据 Laravel 文档,我引用:“尝试方法接受键/值对数组作为其第一个参数。数组中的值将用于在数据库表中查找用户。因此,在上面的示例中,将通过 email 列的值检索用户。如果找到用户,则将存储在数据库中的散列密码与通过数组传递给方法的密码值进行比较。您不应散列指定为密码值,因为框架会在将其与数据库中的散列密码进行比较之前自动散列该值。如果两个散列密码匹配,将为用户启动经过身份验证的会话。
The attempt method will return true if authentication was successful. Otherwise, false will be returned."
如果身份验证成功,尝试方法将返回 true。否则,将返回 false。”
