2018-03-22 15:55
浏览 118

Laravel 5.6 - 在自定义表上使用内置Auth - 不验证用户/密码

I am struggling with using Laravel's built-in auth against an existing 'Users' table that already contains username and password. The column names are 'UserEmail' and 'UserPassword'. To test it out, I used tinker to create an entry, hashing the password as:


When trying to log in using Auth::attempt, authentication keeps failing. To debug, I started adding var_dump and even do a comparison of the password request that comes through against the hashed password in the database and it matches. So I am not sure why the Auth::attempt fails to authenticate it:

This is the function I have in my LoginController.php:

public function login(Request $request)
    // validate the form data
    $this->validate($request, [
        'UserEmail' => 'required',
        'UserPassword' => 'required'

    $user = App\FarmUser::where('UserEmail', $request->UserEmail)->first();
    $authenticated = Hash::check($request->UserPassword, $user->UserPassword);

    // attempt to log the user in
    if (Auth::attempt(['UserEmail' => $request->UserEmail, 'UserPassword' => $request->UserPassword], $request->remember)) {
        // if successful, then redirect to their intended location
        Debugbar::addMessage('successfully authenticated');
        return redirect()->intended($redirectTo);   

    // if unsuccessful, then redirect back to login with the form data
    Debugbar::addMessage('authentication failed');
    //return redirect()->back();

When I try to log in, I see the correct UserEmail, UserPassword, and the hash check also returns true. However, when I call the Auth::attempt, it does not successfully authenticate and redirects back. Any idea why I can't get the Auth::attempt to authenticate properly?

When I log in, this is the output generated from those var dumps:

string(20) "" string(8) "1234" string(60) "<hash>" bool(true)

Here is what tinker returns for this App\FarmUser model:

>>> $user = App\FarmUser::where('UserLogin', 'testuser')->first();
=> App\FarmUser {#809
     ID: 1,
     UserLogin: "testuser",
     password: "<hash>",
     Active: "Yes",
     UserEmail: "",
     Created: "2018-03-20 15:09:24",
     CreatedByID: null,
     Modified: null,
     ModifiedByID: null,
     created_at: "2018-03-20 19:09:09",
     updated_at: "2018-03-20 19:09:09",
  • 写回答
  • 好问题 提建议
  • 追加酬金
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • dt888999 2018-03-22 16:07

    You will need to override the getAuthPassword() method in your User model, like this:

     * Get the password for the user.
     * @return string
    public function getAuthPassword()
        return $this->UserPassword;

    And don't call UserPassword in your Auth::attempt(), but call it password. Like this:

        'UserEmail' => $request->UserEmail, 
        'password' => $request->UserPassword

    This is because Laravel can't recognize which fields are supposedly a password field and has a "reserved" word "password" for it (it will perform a hash on that field, but not others).


    Since your model is actually \App\FarmUser, you also need to change it in the config/auth.php file, like so:

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\FarmUser::class,
        // 'users' => [
        //     'driver' => 'database',
        //     'table' => 'users',
        // ],
    解决 无用
    打赏 举报

相关推荐 更多相似问题