dousui8263 2019-08-07 09:14
浏览 49

如何使用具有多个用户定义结构数据库的md5哈希自定义Laravel 5.8身份验证?

My case is like this, making a new application from an old application that already exists. The new application as an independent application uses its own database, but for authenticating credentials it uses the old application database. So I use a custom auth, but I'm having problems. My problem when checking the Auth::check() value is true but when redirected to the home page, the Expired Page appears. After I check Auth::check() again, the result is false. I feel there is something wrong with implementing UserProvider, but I haven't managed to implement it yet. I have modified the environment for multiple databases, and have successfully connected.

I have modified the environment for multiple databases, and have successfully connected. I've changed the config\database.php file. I modified and added the database connection used. Then I modified the config\auth.php. Credentials for logging in using "username" and "password". The "hints" field is a form of the default plain password when resetting a password. Encrypt the password using the md5 hash with the following composition:
$password = md5(md5(<input-password>.salt).salt)

The App namespace is FKQuiz.

I've modified some files : config\auth.php

'defaults' => [
        'guard' => 'siakad',
        'passwords' => 'sc_user',
    ],

'guards' => [
        'siakad' => [
            'driver' => 'session',
            'provider' => 'usersiakad',
        ],

        'api-siakad' => [
            'driver' => 'token',
            'provider' => 'usersiakad',
            'hash' => false,
        ],
    ],

'providers' => [
        'usersiakad' => [
            'driver' => 'eloquent',
            'model' => FKQuiz\Models\UserSiakad::class,
        ],
    ],
'passwords' => [
        'sc_user' => [
            'provider' => 'usersiakad',
            'expire' => 30,
        ],
    ],

Table structure :

+--------+----------+----------+--------------+----------------+---------------+
| userid | username | password |    hints     |     salt       |  tokenreset   |
+--------+----------+----------+--------------+----------------+---------------+

Modified app\Models\UserSiakad.php

<?php

namespace FKQuiz\Models;

use Illuminate\Database\Eloquent\Model;
use Illuminate\Notifications\Notifiable;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticableContract;
use Illuminate\Auth\Authenticatable as AuthenticableTrait;
use Illuminate\Foundation\Auth\User as Authenticatable;

class UserSiakad extends Authenticatable implements AuthenticableContract
{
    use Notifiable, AuthenticableTrait;

    protected $connection = 'pgsiakad';

    protected $table = 'gate.sc_user';

    protected $hidden = [
        'password', 'salt',
    ];

    public function getAuthPassword()
    {
        return bcrypt($this->password);
    }

    protected function credentials(Request $request)
    {
        return [
            $this->username() => $request->get('username'),
            'password' => md5($request->get('password'))
        ];
    }

    public function validateCredentials(UserContract $user, array $credentials)
    {
        $plain = $credentials['password'];
        return $this->hasher->check($plain, $user->getAuthPassword());
    }
}

File app\Http\Controllers\AuthSiakad\LoginController.php

<?php

namespace FKQuiz\Http\Controllers\AuthSiakad;

use FKQuiz\Http\Controllers\Controller;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\Auth;
use FKQuiz\Models\UserSiakad;

class LoginController extends Controller
{
    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }

    public function username()
    {
        return 'username';
    }

    public function showLoginForm()
    {
        return view('authSiakad.login');
    }

    public function login(Request $request)
    {
        $u = UserSiakad::where('username', '=', $request->username)->first();
        $s = $u->salt;
        $credentials = [
            $this->username() => $request->get('username'),
            'password' => md5(md5($request->get('password').$s).$s)
        ];

        if (Auth::attempt($credentials)){
            // If login succesful, then redirect to their intended location
            return redirect()->intended(route('home'));
        }
        // If Unsuccessful, then redirect back to the login with the form data
        return redirect()->back()->withInput($request->only('username', 'remember'));
    }

    protected function credentials(Request $request)
    {
        return [
            $this->username() => $request->get('username'),
            'password' => md5($request->get('password'))
        ];
    }

    public function validateCredentials(UserContract $user, array $credentials)
    {
        $plain = $credentials['password'];
        return $this->hasher->check($plain, $user->getAuthPassword());
    }
}

File routes\web.php

Route::get('/', function () {
    return view('welcome');
});

Route::get('/', 'HomeController@index')->name('home');
Route::get('/login', 'AuthSiakad\LoginController@showLoginForm')->name('login');
Route::post('/login', 'AuthSiakad\LoginController@login')->name('login.submit');

File app\Http\Controllers\HomeController.php

<?php

namespace FKQuiz\Http\Controllers;

use Illuminate\Http\Request;

class HomeController extends Controller
{

    public function __construct()
    {
        $this->middleware('auth:siakad');
    }

    public function index()
    {
        return view('home');
    }
}

When logging in, I cannot successfully enter the Home page that is directed to LoginController.php. After I check, Auth::attempt() returns the value true but Auth::check() is false so that when entering HomeController.php, the credential entered is Auth::guest() = true. And the value Auth::user() looks like this:

UserSiakad {#229 ▼
  #connection: "pgsiakad"
  #table: "gate.sc_user"
  #hidden: array:2 [▼
    0 => "password"
    1 => "salt"
  ]
  #primaryKey: "id"
  #keyType: "int"
  +incrementing: true
  #with: []
  #withCount: []
  #perPage: 15
  +exists: true
  +wasRecentlyCreated: false
  #attributes: array:16 [▼
    "userid" => 3747
    "username" => "1522315009"
    "password" => "aa184593e6511e6d9983ba536d36cdb8"
    "hints" => "05051994"
    "salt" => "1pBAKNsSczk2aZLFAg8cgJwIpNyo7a"
    "tokenreset" => null
  ]
  #original: array:16 [▼
    "userid" => 3747
    "username" => "1522315009"
    "password" => "aa184593e6511e6d9983ba536d36cdb8"
    "hints" => "05051994"
    "salt" => "1pBAKNsSczk2aZLFAg8cgJwIpNyo7a"
    "tokenreset" => null
  ]
  #changes: []
  #casts: []
  #dates: []
  #dateFormat: null
  #appends: []
  #dispatchesEvents: []
  #observables: []
  #relations: []
  #touches: []
  +timestamps: true
  #visible: []
  #fillable: []
  #guarded: array:1 [▼
    0 => "*"
  ]
  #rememberTokenName: "remember_token"
}

I feel there is something wrong with implementing UserProvider, but I haven't managed to implement it yet. So, what is the solution? Thanks

  • 写回答

0条回答 默认 最新

    报告相同问题?

    悬赏问题

    • ¥15 如何在scanpy上做差异基因和通路富集?
    • ¥20 关于#硬件工程#的问题,请各位专家解答!
    • ¥15 关于#matlab#的问题:期望的系统闭环传递函数为G(s)=wn^2/s^2+2¢wn+wn^2阻尼系数¢=0.707,使系统具有较小的超调量
    • ¥15 FLUENT如何实现在堆积颗粒的上表面加载高斯热源
    • ¥30 截图中的mathematics程序转换成matlab
    • ¥15 动力学代码报错,维度不匹配
    • ¥15 Power query添加列问题
    • ¥50 Kubernetes&Fission&Eleasticsearch
    • ¥15 報錯:Person is not mapped,如何解決?
    • ¥15 c++头文件不能识别CDialog