0

I've created my accounts in CRM.

Most interesting thing is password and I've handled it creating like that:

$password = $faker->password();
$businessAccount->password = bcrypt($password);

then I send email with this password.

and now I've created login page in my website when I want to make login using some number and password.

public function login(BusinessLoginRequest $request)
    {
        $orgNumber = $request->input('orgNumber');
        $password = $request->input('password');
        var_dump( $pass = BusinessAccounts::find('123456789')->password);
        var_dump(Hash::check($password, $pass));
        if(Auth::guard('business')->attempt(['orgNumber' => $orgNumber, 'password' => $password ])) {
                return 'Hello';
        }
        return 'no';

    }

I'm sorry for that var_dumps, I've inserted it here to see what happen when I click "login"

Password was hashed through bcrypt and how I understand, Auth::attempt check plain password with hashed.

Okay, let's go deeper. First var_dump say me password which was stored in DB and they are equal.

Second var_dump say me "bool(false)" and last say me no, authentication failed, I think.

But when I put hashed password in my form then all is good and I see "Hello" but it's wrong.

And, of course, I've created guard and provider:

'guards' => [
        'web' => [
            'driver' => 'session',
            'provider' => 'users',
        ],
        'api' => [
            'driver' => 'token',
            'provider' => 'users',
        ],
        'business' => [
            'driver' => 'session',
            'provider' => 'business'
        ]
    ],

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\Eloquent\Account::class,
        ],
        'business' => [
            'driver' => 'eloquent',
            'model'  => App\Models\Eloquent\BusinessAccounts::class
        ]
    ],

and have changed my Model:

class BusinessAccounts extends Model implements Authenticatable
{
    use \Illuminate\Auth\Authenticatable;

    protected $table = 'business_accounts';

    protected $fillable =
        [
            'orgNumber', 'password'
        ];

    public $timestamps = false;

    protected $primaryKey = 'orgNumber';

}

Question is: what I did wrong? How to check unhashed password? I don't want to put hashed password from my db.

Improve this question
4
  • which version of laravel is it you are using? Commented Dec 7, 2017 at 15:41
  • In your first var_dump(), did you really mean $pass = BusinessAccounts::find('123456789')->password (variable assignment) or you actually wanted $pass, BusinessAccounts::find('123456789')->password (display both hashes)? Commented Dec 7, 2017 at 15:41
  • Are you definitely updating you $businessAccount instance? i.e $businessAccount->password = bcrypt($password);$businessAccount->save(); Commented Dec 7, 2017 at 15:48
  • was the problem resolved? Commented Dec 8, 2017 at 8:31

1 Answer 1

Reset to default
1

Try to hash in that way:

use Illuminate\Support\Facades\Hash;

then:

'password' => Hash::make($request->newPassword)
Improve this answer
Sign up to request clarification or add additional context in comments.

Comments

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.