Laravel 5 Auth::attempt 总是返回 false

【问题标题】:Laravel 5 Auth::attempt always return falseLaravel 5 Auth::attempt 总是返回 false
【发布时间】:2016-09-12 23:52:33
【问题描述】:

我试图写一个登录系统,但 Auth::attempt 总是返回 false 给我,我的代码:

路线:

    Route::get('/login', function () {
    return view('login');
});

    Route::post('/loginProcess', 'LoginController@login');

登录控制器: 

namespace App\Http\Controllers;

use Request;
use Auth;
use App\Http\Requests;
use Hash;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\Redirect;
class LoginController extends Controller
{
 public function login(){
        $uname = Request::get('username');
        $password = Request::get('password');
            if (Auth::attempt(array('username' => $uname, 'password' => $password))){
                return "success";
            }
            else {        
                return "Wrong Credentials";
            }
        }

}
?>

用户模型:

<?php
namespace App;

use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;

class User extends Model implements AuthenticatableContract, CanResetPasswordContract { 
    use Authenticatable, CanResetPassword;
    protected $table = 'user';
    public $timestamps = false;
    protected $fillable = ['username', 'password'];
}

?>

登录视图:

@extends('main')

@section('content')
    {!! Form::open(['url' => '/loginProcess']) !!}
        <div class="form-group">
            {!! Form::label('username', 'Username:') !!}
            {!! Form::text('username', null, ['class' => 'form-control']) !!}
        </div>

        <div class="form-group">
            {!! Form::label('password', 'Password:') !!}
            {!! Form::password('password', null, ['class' => 'form-control']) !!}
        </div>

         @if ($errors->any())
             @foreach($errors->all() as $error)
            <div class="alert alert-danger">
                    <p>{{ $error }}</p>
            </div>
            @endforeach
        @endif

        <div class="form-group">
            {!! Form::submit('Login', ['class' => 'btn btn-primary form-control']) !!}
        </div>
    {!! Form::close() !!}
@stop

DB records Table structure

我在cloud9 IDE上开发这个,搜索了很多帖子,还是找不到问题,是密码散列的问题还是什么的?顺便说一句,我检查了可以接收表单输入。

【问题讨论】:

  • 请同时显示您的表格架构
  • 我的架构:i.stack.imgur.com/9BAsm.jpg uid 是主键
  • 您在注册时使用了什么密码散列技术?

标签: php laravel-5


【解决方案1】:

我查看了您的数据库记录,发现您在保存时没有对密码进行哈希处理。 Auth::attempt() 正在检查哈希密码,而您保存的密码是纯文本。

【讨论】:

    【解决方案2】: 
    public function setPasswordAttribute($value) {
    $this->attributes['password'] = bcrypt($value);
}

    当您保存用户记录时,将上述修改器添加到您的用户模型中以散列密码。 Auth::attempt() 需要散列密码

    【讨论】:

      【解决方案3】:

      你可以试试这个方法..

      当您注册用户时,使用 bcrypt 加密您的密码,然后再将密码发送到数据库

      $password = bcrypt($input['password']);
            // OR
$psssword = bcrypt(Request::get('password'));

      因为您使用username 代替默认的email

      你的登录控制器..

      namespace App\Http\Controllers;

use Request;
use Auth;
use App\Http\Requests;
use Hash;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Validator;
use Illuminate\Support\Facades\Redirect;
class LoginController extends Controller
{

 use AuthenticatesAndRegistersUsers;

 public function loginUsername()
 {
     return 'username';
 }

 public function login(){
        $uname = Request::get('username');
        $password = Request::get('password');
            if (Auth::attempt(array('username' => $uname, 'password' => $password))){
                return "success";
            }
            else {        
                return "Wrong Credentials";
            }
        }
}

      希望这会奏效。

      【讨论】:

        【解决方案4】: 
        Rename Your Password Field
try to debug the $query in \Illuminate\Auth\DatabaseUserProvider\ 



public function retrieveByCredentials(array $credentials)
{
    // First we will add each credential element to the query as a where clause.
    // Then we can execute the query and, if we found a user, return it in a
    // generic "user" object that will be utilized by the Guard instances.
    $query = $this->conn->table($this->table);

    foreach ($credentials as $key => $value)
    {
        if ( ! str_contains($key, 'password'))
        {
            dd($query->where($key, $value));

        }
    }

    // Now we are ready to execute the query to see if we have an user matching
    // the given credentials. If not, we will just return nulls and indicate
    // that there are no matching users for these given credential arrays.
    $user = $query->first();

    return $this->getGenericUser($user);
}

        【讨论】:

          猜你喜欢
          • 2015-12-10
          • 1970-01-01
          • 2017-05-24
          • 2013-06-11
          • 2014-03-15
          • 2019-04-14
          • 2012-10-25
          • 2017-05-11
          相关资源
          最近更新 更多
          热门标签
          Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode