1

I am using Laravel 4, My Database tables / pages were created using an older version of Laravel. Version 3. I believe.

I have a user login system in place and when passing the hashed password from the view to the controller, It doesn't match the Databases' password at all.

My Hashed codes are :

Database

$08$wqCWqMgG7SRIukdyNEbXX.kK5c.8BxqzGVJSaCC55eKndFjqrJqJG

Form

$2y$10$hJQsF7.KkuXw4GYb8vk1o.SZhdocP7e8SxcjvBWjtLzpJPBlX0f5q

My Laravel controller code is :

public function postLogin()
    {

        $email = Input::get('email');
        $password = Hash::make(Input::get('Password'));

        dd($password);

        $credentials = array(
            'user_email' => Input::get('UserName'),
            'user_password' => Input::get('Password')
        );

        if(Auth::attempt($credentials))
        {
            return Redirect::to('dashboard')->with('message', 'You are now logged in!');
        }
        else
        {
            return Redirect::to('users/login')
                           ->with('message', 'Your username/password combination was incorrect')
                           ->withInput();
        }
    }

Is it down to an older version of the DB not matching? Any suggestions on what I can check / change to match.

Cheers

Improve this question

2 Answers 2

Reset to default
4

A new hash of the same secret will be different every time because a random salt is added while hashing. To check a secret against a hash use:

Hash::check('secret', 'hash-of-secret');

The reason why Auth::attempt is failing is that the passed credentials always need to have an password key. (Even if your DB field has a different name)

$credentials = array(
    'user_email' => Input::get('UserName'),
    'password' => Input::get('Password')
);

Then make sure that your User model implements this method:

public function getAuthPassword()
{
    return $this->user_password;
}
Improve this answer
Sign up to request clarification or add additional context in comments.

1 Comment

Excellent, I had "user_password" switching to 'password' did the job. Thank You!
3

Hashes will not 'match' when you compare them like that. There is a salt that is added to all hashes.

The problem is most likely your database column name for passwords. If it is user_passwords - then you must have set that in your user model or it wont work (Laravel will assume it is password otherwise)

So your $credentials MUST use the password field - not user_password

$credentials = array(
            'user_email' => Input::get('UserName'),
            'password' => Input::get('Password')
        );

If your user database has the password in a column called 'password'. Then you dont need to do anything further. But if your column is called 'user_password' - then you must modify your User model and add/modify the following function to this:

Now in User model (app/models/User.php) file you need to add the following function:

public function getAuthPassword() {
    return $this->user_password;
}
Improve this answer

1 Comment

Wow looks like we wrote pretty much the same answer simultaneously ;)

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.