在 Laravel 中检查密码是否正确
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/38518543/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Check whether password is correct or not in Laravel
提问by Kim Jones
In laravel I want to check if user enter current password than check with that password which is store in database in that user data. If correct than continue otherwise give message Password is incorrect.
在laravel中,我想检查用户是否输入当前密码,而不是检查存储在该用户数据中的数据库中的密码。如果正确则继续,否则给出消息密码不正确。
I am new in laravel so not getting exact idea for this.
我是laravel的新手,所以对此没有确切的想法。
Thanks in advance.
提前致谢。
$('#pwd').blur(function(){
var oldpwd=$('#pwd').val();
var uid = $('#id').val();
console.log(uid);
if(oldpwd != "")
{
$.ajax({
url : "{{ url/profile/checkOldPwd}}",
data : { oldpwd:oldpwd , uid:uid },
type : "POST",
success : function(data) {
if(data == 0){
$("#msg-old").show();
$("#msg-old").html("Password is Incorrect!");
$("#pwd").val("");
$("#pwd").focus();
}
else
{
$("#msg-old").hide();
$("#msg-old").html("");
}
}
});
}
});
回答by Leon Vismer
As Hiren has mentioned you can use the default registered hasher as that is passed to the specific UserProvider used. The default is Illuminate\Hashing\BcryptHasher.
正如 Hiren 所提到的,您可以使用默认注册的哈希器,因为它会传递给所使用的特定 UserProvider。默认值为Illuminate\Hashing\BcryptHasher.
You can use it a couple of ways:
您可以通过以下几种方式使用它:
- Out of the container
- 出容器
$user = User::find($id);
$hasher = app('hash');
if ($hasher->check('passwordToCheck', $user->password)) {
// Success
}
- Using the Facade
- 使用外观
$user = User::find($id);
if (Hash::check('passwordToCheck', $user->password)) {
// Success
}
- Out of interest using the generic php function
password_verifyalso works. However that works because the default hashing algorithm it uses is bcrypt.
- 出于兴趣使用通用 php 函数
password_verify也可以。然而这是有效的,因为它使用的默认散列算法是 bcrypt。
if (password_verify('passwordToCheck', $user->password)) {
// Success
}
回答by Hiren Makwana
you can use hash:checkmethod.
您可以使用hash:check方法。
create password using hash:
使用哈希创建密码:
$password = Hash::make('secret');
check password:
检查密码:
if (Hash::check('secret', $hashedPassword))
{
// The passwords match...
}
回答by Dastur
When the user attempts to access the page, redirect them to an auth page.
当用户尝试访问该页面时,将他们重定向到一个 auth 页面。
Do the ajax call then do the following in your php:
执行 ajax 调用,然后在您的 php 中执行以下操作:
public function check(Request $request)
{
if(Hash::check($request->password, $user->password)) {
// They match
} else {
// They don't match
}
}
I havn't tested this so it might not work.
我没有测试过这个,所以它可能不起作用。
回答by Tlzdeveloper786
Just do it
去做就对了
public function authenticateEmployee(array $data){
$email = $data['email'];
$password = $data['password'];
$user = User::where('email', '=', $email)->first(); //get db User data
if(Hash::check($password, $user->password)) {
return response()->json(['status'=>'false','message'=>'password is correct']);
} else {
return 'false';
}
}
回答by Ruffles
- Hit the server route with your AJAX call.
- Check the result of
auth()->attempt($request->only('email', 'password')) - Return JSON back with a message and HTTP status code (200 if it is successful, 400 if it failed).
- Show the message in the
success()method to a div. If it is an error, show the error message inside theerror()method to a div.
- 使用 AJAX 调用访问服务器路由。
- 检查结果
auth()->attempt($request->only('email', 'password')) - 返回带有消息和 HTTP 状态代码的 JSON(如果成功则为 200,如果失败则为 400)。
- 将
success()方法中的消息显示给一个 div。如果是错误,将error()方法内部的错误信息显示给一个 div。
