How to verify that input password matches database hashed password in Laravel 8

Question

How to verify user password from given request in Laravel? How is the password compared to the password hash stored in the database? **This is my controller**<?phpnamespaceApp\Http\Controllers;useIlluminate\Http\Request;useIlluminate\Support\Facades\DB;classMainControllerextendsController{func

P粉373990857 · Answer

like this

$encrypted = Crypt::encrypt('password_name_variable');

P粉071559609 · Answer

Basically, what you want to do is:

Queryusers Users with a given username in the table.
Check if their hashed password matches the hash of the provided password.

So, you want to first query for users with a given username. Then, after retrieving the user and verifying its existence, you can check if the provided password matches the hashed password on the retrieved model.

public function login(Request $request): Response { $user = User::where('username', $request->get('username')); if (!$user || !Hash::check($request->get('password'), $user->password)) { return back()->with([ 'message' => '用户名和/或密码不正确。', 'alert-type' => 'error' ]); } $request->session()->put('user', $user); return redirect('dashboard'); }

However, there are built-in functions in Laravel to achieve this, and depending on your needs, it may be simpler to do this:

public function login(Request $request): Response { if (!Auth::attempt(['username' => $request->get('username'), 'password' => $request->get('password')]) { return back()->with([ 'message' => '用户名和/或密码不正确。', 'alert-type' => 'error' ]); } return redirect('dashboard'); }

https://laravel.com/api/8.x/Illuminate/Support/Facades/Auth.html#method_attempt

How to verify that input password matches database hashed password in Laravel 8

reply all(2)I'll reply