
I am using the Laravel Lumen framework v8 with JWT authentication, following this website:
https://jwt-auth.readthedocs.io/en/develop/lumen-installation/.

Here is a code snippet that I have used in my project:

<?php
return [
   'defaults' => [
        'guard' => 'web',
        'passwords' => 'users',
    ],

    'guards' => [
        'web' => [
          'driver' => 'jwt',
          'provider' => 'users'
        ],
      ],

    'providers' => [
        'users' => [
            'driver' => 'eloquent',
            'model' => App\Models\User::class,
        ]
    ]
];

config/auth.php

I also registered this file in bootstrap/app.php, along with all the other configuration.

This is what my controller login function looks like:

public function login(Request $request)
    {

        $email = $request->input('email');
        $pass = $request->input('password');

        $credentials = [
            'email'=>$email,
            'password'=>md5($pass)
        ];

        dd( Auth::attempt($credentials));
                //return response()->json($credentials);
        if (! $token = auth('web')->attempt($credentials)) {
            return response()->json(['error' => 'Unauthorizedsfwe'], 401);
        }

        return $this->respondWithToken($token);
    }

I am using my existing project DB, where the password is stored in the form of MD5, so I tried it this way, like above, but it is not working. I also tried to log in with the direct MD5 hash, but it is still not working at all.

But when I tried to run this from the response directory on phpMyAdmin

return response()->json($credentials);

it works, but not with the auth('web')->attempt() method.

2 Answers


  1. Chosen as BEST ANSWER

    Thanks for your answer. I got my answer: basically, what my code does is double hash my password, once with MD5 and another time with Laravel's default hashing, so that is why it is not working. Maybe I have to disable the hashing or just override the default hashing with MD5.

    Now I directly tried it like this, and it works for me:

    public function login(Request $request)
    {
        $email = $request->input('email');
        $pass = $request->input('password');

        // Look the user up by email and the MD5 hash stored in the existing DB,
        // bypassing attempt() and its built-in hasher.
        $user = User::where('email', $email)
            ->where('password', md5($pass))->first();

        // No matching row means bad credentials; Auth::login() must not receive null.
        if (! $user || ! $token = Auth::login($user)) {
            return response()->json(['error' => 'Unauthorizedsfwe'], 401);
        }

        return $this->respondWithToken($token);
    }
    

  2. As I recall, when you pass credentials to the attempt method you shouldn't hash the password; it handles password hashing. You can check EloquentUserProvider.php's validateCredentials method here: https://github.com/laravel/framework/blob/574aaece57561e4258d5f9ab4275009d4355180a/src/Illuminate/Auth/EloquentUserProvider.php#L154-L159

    It uses the built-in hasher.

    So it seems you need to override the default hash behavior and use MD5 instead of it. When I searched for it on Stack Overflow I found this: https://stackoverflow.com/a/44126955/1977031

    It simply creates an MD5Hasher which implements Illuminate\Contracts\Hashing\Hasher and uses md5 to make the hash, and registers it in a service provider to give the application an MD5Hasher when it needs a Hasher.

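The mismatch both answers describe, and one way to move an MD5 column onto the default hasher at login time, as an added example that is not code from either answer or from Laravel. It is plain PHP with no framework; the functions `defaultCheck` and `loginAndUpgrade` and the sample user row are hypothetical and constructed here, and it assumes the default hasher's check reduces to `password_verify()`.

```php
<?php
// Added example: plain PHP, no framework. All names below are hypothetical.

// Constructed sample row: a legacy account whose password column holds md5('secret').
$user = ['email' => 'alice@example.test', 'password' => md5('secret')];

// Assumption: this is what the default (bcrypt) hasher's check() boils down to.
function defaultCheck(string $plain, string $stored): bool
{
    return password_verify($plain, $stored);
}

// Verify against either storage format and upgrade a legacy MD5 row on success.
// Returns true on a valid login; $user['password'] is rewritten by reference.
function loginAndUpgrade(array &$user, string $plain): bool
{
    $stored = $user['password'];
    // A bare 32-character hex string is treated as a legacy MD5 digest.
    $isLegacy = preg_match('/^[a-f0-9]{32}$/i', $stored) === 1;

    $ok = $isLegacy
        ? hash_equals(strtolower($stored), md5($plain)) // constant-time comparison
        : password_verify($plain, $stored);

    if ($ok && ($isLegacy || password_needs_rehash($stored, PASSWORD_BCRYPT))) {
        // In an application this value would be saved back to the users table.
        $user['password'] = password_hash($plain, PASSWORD_BCRYPT);
    }

    return $ok;
}

// 1. The question's situation: an MD5 column checked with password_verify(),
//    first with the plain password, then with md5() applied by the controller.
var_dump(defaultCheck('secret', $user['password']));
var_dump(defaultCheck(md5('secret'), $user['password']));

// 2. A wrong password against the legacy row.
var_dump(loginAndUpgrade($user, 'wrong'));

// 3. A correct password: the MD5 digest is verified, then replaced with bcrypt.
var_dump(loginAndUpgrade($user, 'secret'));
var_dump(strpos($user['password'], '$2y$') === 0);

// 4. After the upgrade the row verifies through the default check.
var_dump(defaultCheck('secret', $user['password']));
```

Once every active account has logged in and been upgraded, the MD5 branch can be removed and the remaining legacy rows forced through a password reset.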