在Laravel 8中如何验证输入密码与数据库哈希密码的匹配
P粉129731808
2023-08-28 14:25:49
<p>如何在Laravel中从给定的请求中验证用户密码?密码是如何与存储在数据库中的密码哈希值进行比较的?
**
这是我的控制器
**</p>
<pre class="brush:php;toolbar:false;"><?php
namespace App\Http\Controllers;
use Illuminate\Http\Request;
use Illuminate\Support\Facades\DB;
class MainController extends Controller
{
function login1(Request $request){
$username = $request->input('username');
$password = $request->input('password');
$data = DB::table('users')->where(['username'=>$username, 'password'=>$password])->first();
if($data == null){
echo "error";
$notification = array(
'message' => '用户不存在!',
'alert-type' => 'error'
);
return back()->with($notification);
}
else{
$request->session()->put('user',$data);
return redirect('dashboard');
}
}}</pre></p>
像这样
$encrypted = Crypt::encrypt('password_name_variable');
基本上,你想要做的是:
users表中具有给定用户名的用户。所以,你想要首先查询具有给定用户名的用户。然后,在检索到用户并验证其存在之后,你可以检查提供的密码是否与检索到的模型上的哈希密码匹配。
public function login(Request $request): Response { $user = User::where('username', $request->get('username')); if (!$user || !Hash::check($request->get('password'), $user->password)) { return back()->with([ 'message' => '用户名和/或密码不正确。', 'alert-type' => 'error' ]); } $request->session()->put('user', $user); return redirect('dashboard'); }然而,在Laravel中有内置的功能可以实现这一点,根据你的需求,这样做可能更简单:
public function login(Request $request): Response { if (!Auth::attempt(['username' => $request->get('username'), 'password' => $request->get('password')]) { return back()->with([ 'message' => '用户名和/或密码不正确。', 'alert-type' => 'error' ]); } return redirect('dashboard'); }https://laravel.com/api/8.x/Illuminate/Support/Facades/Auth.html#method_attempt