I created the client register and the password change function. When I register the client with the password that password and username are working without any issues. But when I change the password and log in with a new password always says the password is incorrect.I can’t understand what is the issue please help me to solve this issue.
This is my register code
public function store(Request $request, client $client)
{
$token = $request->input('g-recaptcha-response');
if(strlen($token)>0)
{
$result = client::where('email', $request->email)->first();
if (!empty($result))
{
return Redirect::back()->with('errmessage','The registered email address is already in use. Please contact the website administrator or request a password reset');
}
$client->clie_id = $request->email;
$client->clie_fname = $request->clie_fname;
$client->clie_lname = $request->clie_lname;
$client->clie_company = $request->clie_company;
$client->password = Hash::make($request->password);
$client->email = $request->email;
$client->clie_telephone = $request->clie_telephone;
$client->clie_fax = $request->clie_fax;
$client->clie_address1 = $request->clie_address1;
$client->clie_address2 = $request->clie_address2;
$client->clie_address3 = $request->clie_address3;
$client->clie_city = $request->clie_city;
$client->clie_state = $request->clie_state;
$client->clie_postcode = $request->clie_postcode;
$client->clie_country = $request->clie_country;
$client->clie_newslatter= $request->clie_newslatter;
$client->save();
return Redirect::back()->with('message','Account Created Successfully. You may now login using the email you registered with and your password');
}else{
return redirect()->back()->with('warmessage','Please make sure your not a robot');
}
}
This is my password change function
public function PasswordChange(Request $request)
{
//dd($request->clientId);
$token = $request->input('g-recaptcha-response');
if(strlen($token)>0)
{
$user = Client::where('email', $request->clientId)->first();
if (!$user) {
return redirect()->back()->with('error', 'User not found.');
}
if (!Hash::check($request->old_password, $user->password)) {
return redirect()->back()->with('error', 'The old password is incorrect.');
}
$user->update([
'password' => Hash::make($request->password)
]);
// Clear the user's session to ensure the new password takes effect
Auth::guard('client')->logout();
return redirect()->route('Home')->with('message','Password is Successfully changed.');
}else{
return redirect()->back()->with('message','Please make sure your not a robot');
}
// return redirect()->route('home')->with('success', 'Password changed successfully.');
}
My login function
public function login(Request $request)
{
//dd($request->password);
// Retrieve the user record by email
$user = client::where('email', $request->email)->first();
Log::info('Login attempt:', [
'email' => $request->email,
'entered_org_password' => $request->password,
'entered_password' => Hash::make($request->password),
'hashed_password' => $user->password,
]);
if(Auth::guard('client')->attempt(['email'=>$request->email,'password'=>$request->password],$request->remember))
{
return redirect('/')->withMessage('Successfully Logged In');
}else{
return redirect(route('Client_Login'))->with('Error');
}
return redirect()->back()->withInput($request->only('email'));
}
This is my Modal
<?php
namespace App;
use IlluminateNotificationsNotifiable;
use IlluminateFoundationAuthUser as Authenticatable;
class client extends Authenticatable
{
use Notifiable;
protected $guard = 'client';
protected $table='clients';
public function getAuthPassword()
{
return $this->password;
}
protected $fillable = ['email', 'password'];
protected $hidden = [
'password', 'remember_token',
];
}
This is my log data when login with a new password
After Registering this the records for login.
[2023-10-05 08:34:06] local.INFO: Login attempt: {"email":"[email protected]","entered_org_password":"123456789","entered_password":"$2y$10$1mR2dKLEJAHvv0BCQoCfZeLP5Ugq4ngTvHD4/RFDtXp.asB7AJKF.","hashed_password":"$2y$10$Jxm/cd25Xpe4i8ljfDV98uIICszGb61pV6PtcwuhqHayjujWsOejm"}
After changing the password and login records
[2023-10-05 08:35:21] local.INFO: Login attempt: {"email":"[email protected]","entered_org_password":"123456789123","entered_password":"$2y$10$49D4RS5aNWwl8xtnWOGeQ.wuT2Ozipz4O1yAtmJQAsmjoZiLQb3b.","hashed_password":"$2y$10$.dj8Egmzr0JDs7IlmMfZ2ultD5Srp5YTo0Wxi0WHmxscc0P1cpS3u"}
My password change form inputs
<form action="{{route('PasswordChange')}}" method="POST">
<input type="hidden" name="_token" value="{{ csrf_token() }}">
<div class="form-fields">
<div class="inputs">
<label for="Email">Old Password</label>
<input class="email" placeholder="Old Password" id="old_password" name="old_password" type="password"/>
<input type="hidden" name="clientId" id="clientId" value="{{$clients->email}}">
</div>
<div class="inputs">
<label for="Email">New Password</label>
<input class="email" placeholder="New Password" id="new_password" name="new_password" type="password"/>
</div>
<div class="inputs">
<label for="Email">Confirm Password</label>
<input class="email" placeholder="Confirm Password" id="confirm_password" name="confirm_password" type="password"/>
</div>
</div>
<div class="buttons">
<input class="button-1 login-button" type="submit" value="Update" style="width: 25%;"/>
</div>
</form>
And this my login page inputs
<form action="{{route('Client_Login.submit')}}" method="post">
@csrf
<div class="form-fields">
<div class="message-error">
</div>
<div class="inputs">
<label for="Email">Email:</label>
<input id="email" name="email" type="text"/>
</div>
<div class="inputs">
<label for="Password">Password:</label>
<input class="password" id="password" name="password" type="password" />
<span class="field-validation-valid" data-valmsg-for="Password" data-valmsg-replace="true"></span>
</div>
<div class="inputs reversed">
<label for="RememberMe">
<input class="form-check-input" type="checkbox" name="remember" id="remember" {{ old('remember') ?'checked' : 'checked'}}> Remember Me
</label>
<span class="forgot-password">
<a href="#">Forgot password?</a>
</span>
<span class="forgot-password">
|
</span>
<span class="forgot-password">
<a href="{{route('FrontClient.index')}}">Register</a>
</span>
</div>
</div>
<div class="buttons">
<input class="button-1 login-button" type="submit" value="Log in" />
</div>
</form>
2
Answers
Not sure if you are using Laravel 5 or latest version but it’s possible that password is double-hashed.
In latest Laravel version there is:
but assuming you are not using it you might have
setPasswordAttributeinUsermodel that hashes passwords.So in your
PasswordChangemethod you might need to changeinto
Your update code is looking for an input named
password. Your form has inputs namedold_password,new_passwordandconfirm_password. You are hashingnull:I would suggest using the inputs named
old_password,password,password_confirmationand to use validation. Theconfirmedvalidation rule exists and would be expectingpassword_confirmationfor the name of the confirmation input for a field namedpassword.