Laravel 4:自定义登录和检查密码
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/17738128/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Laravel 4: custom login and check password
提问by Orvyl
I would like to customize my login in laravel 4 where usernameis either his usernameor emailso what I did is:
我想定制我的登录界面,在laravel 4,其中username要么是他username还是email那么我所做的是:
public static function custom_login($uname,$pwd)
{
$res = DB::select("select * from users where (username = ? or email = ?) and password = ? and active = 1",array($uname,$uname,$pwd));
return $res;
}
Now, we all know that password are hashed so you cant use password = ?. how can I check the password if it's correct?
现在,我们都知道密码是经过哈希处理的,因此您不能使用password = ?. 我如何检查密码是否正确?
采纳答案by Victor
You can use
您可以使用
$password = Hash::make($password);
function to get the hash of password, and then check it
函数来获取密码的哈希值,然后检查它
回答by Andreyco
I agree with guys here with the principle, but I would use Eloqunet, just in case the table name will change in the future.
我同意这里的原则,但我会使用Eloqunet,以防表名将来会发生变化。
$user = User::whereRaw('email = ? OR username = ?', array('value', 'value'))->first();
if ( ! $user) {
return false;
}
if (Hash::check('password', $user->password)) {
// The passwords match, log in the user
Auth::loginUsingId( $user->id );
}
I wrote code on the fly, so sorry if any syntax error is present.
我即时编写了代码,如果存在任何语法错误,请见谅。
回答by Robbo
You first need to get the password from the database. Then do Hash::check($pwd, $theDatabasepassword)to see if it matches.
您首先需要从数据库中获取密码。然后做Hash::check($pwd, $theDatabasepassword)看看是否匹配。
回答by sneeze
Befor DB query, you may hash password variable. Something like this:
在数据库查询之前,您可以散列密码变量。像这样的东西:
......
$pwd = do_hash($pwd);//do_hash is the hash function name
$res = DB::select("select * from users where (username = ? or email = ?) and password = ? and active = 1",array($uname,$uname,$pwd));
return $res;
......
回答by itachi
i'l give you a guideline.
我给你一个指导方针。
1. get the hashed pass from DB with respect to the username or email
2. Hash::check() to see if it matches. This function returns a boolean value.
3. if it passes, login the user.
While registration, hash the password by using Hash::make().
注册时,使用 .hash 散列密码Hash::make()。
回答by chuuke
Here's my take on a username or email login:
这是我对用户名或电子邮件登录的看法:
$input = Input::all();
$remember = (isset($input['remember'])) ? true : null;
$rules = array('email_or_username' => 'required', 'password' => 'required');
$validator = Validator::make($input, $rules);
if ($validator->fails())
{
return Redirect::back()->withErrors($validator)->withInput();
}
// get model based on username_or_email, returns null if not present
$user = User::where('email', $input['email_or_username'])->orWhere('username', $input['email_or_username'])->first();
if(!$user) {
$attempt = false;
} else {
$attempt = Auth::attempt(array('email' => $user->email, 'password' => $input['password']),$remember);
}
if($attempt) {
return Redirect::intended('/')->with(array('flash_message' => 'Successfully logged into ' . Lang::get('site.general.title') . '!', 'flash_type' => 'success') );
}
return Redirect::back()->with(array('flash_message' => 'Invalid credentials, please try again', 'flash_type' =>'danger'))->withInput();
