Failure in login verification of 20150720-Laravel

: This article mainly introduces the traps encountered during login verification on January 20,. For more information about PHP tutorials, see. Record the pitfalls that have been step on, and the pits will become fewer and fewer in the future ......

Create a table first:

phpartisanmigrate:make_admin_table

Then, write the column settings in the table in the new file.

  Increments ('id'); $ table-> string ('staff _ code', 32)-> nullable (); // employee ID $ table-> string ('login _ name', 32)-> nullable (); // login name $ table-> string ('password', 32) -> nullabele (); // login password $ table-> string ('mail', 512)-> nullable (); // email $ table-> string ('staff _ name', 32)-> nullable (); // employee name $ table-> string ('Sex', 10) -> nullable (); // gender $ table-> string ('belong _ to', 512)-> nullable (); // Department $ table-> string ('job', 512)-> nullable (); // position $ table-> string ('telphone', 32) -> nullable (); // fixed number $ table-> string ('mobile', 32)-> nullable (); // mobile phone number });} /*** Reverse the migrations. ** @ return void */public function down () {Schema: dropIfExists ('admin ');}}

Create Model Admin:

php ratisan generate modle Admin

Add it to the generated file.

  RememberToken;} publicfunctionsetRememberToken ($ value) {$ this-> rememberToken = $ value;} publicfunctiongetRememberTokenName () {return $ this-> reminder ;}}

As login verification is required and the Auth provided by laravel is used, you need to add use and inherit the UserInterface and RemindableInterface interfaces, and rewrite some methods.
Specifically

Login \ Auth \ UserTrait; useIlluminate \ Auth \ UserInterface; useIlluminate \ Auth \ Reminders \ Users; login \ Auth \ Reminders \ RemindableInterface; classAdminextends \ Users, RemindableInterface {useUserTrait, role; /******* the following code omitting *******/publicfunctiongetRememberToken () {return $ this-> rememberToken;} publicfunctionsetRememberToken ($ value) {$ this-> rememberToken = $ value;} publicfunctiongetRememberTokenName () {return $ this-> reminder ;}}

Then I will continue to find the settings of the Auth file and modify the tables to be used.
App/config/auth. php
Find the following field and modify it to the table you specified.

  'Eloquent', // verification method. There are two types of 'model' => 'admin' for database and eloquent. // The model name used is 'table' => 'admin ', // the corresponding table name 'reminder' => array ('email '=> 'emails. auth. reminder ', 'table' => 'Password _ reminders', 'expire '=> 60 ,),);

Then add the controller method:

// Obtain the public function get_web_login () {return View: make ('web. web_login ');} // login verification public function post_login () {if (Auth: attempt (array ('login _ name' => Input :: get ('login _ name'), 'password' => Input: get ('password') {Notification: success ('logon successful '); return Redirect: to ('/web/index')-> with ('message', 'logon successful');} else {Notification :: warning ('user name and password are incorrect '); return Redirect: to ('/web/login')-> with ('message', 'user name and password are incorrect ') -> withInput ();}}

Then the view file login. blade. php:

@ Section ('title') logon-@ parent @ stop @ section ('Nav _ 1 ')
"#"> Logon
@ Stop @ section ('selection ')
 
@ Stop

Last update route

Route: get ('/web/Index', array ('as' =>' web. web_index ', 'uses' => 'app \ Controllers \ Api \ WebController @ get_web_index '); // The Route: get ('/web/login ', array ('as' => 'web. web_login', 'uses '=> 'app \ Controllers \ Api \ WebController @ get_web_login'); Route: post ('/web/login ', array ('as' => 'web. web_login.post', 'uses '=> 'app \ Controllers \ Api \ WebController @ post_login '));

After completing the above work, I opened the database and inserted a piece of user data, so I tried to log on. then the problem came.

No matter how I try it, the account password is incorrect.

Baidu and google did not find any results.
You can only look at laravel source code.
The first thing to call is the attempt method to verify the user name and password. so I jumped into this function and checked it.

/**         * Attempt to authenticate a user using the given credentials.         *         * @param array $credentials         * @param bool $remember         * @param bool $login         * @return bool          * @static         */publicstatic function attempt($credentials = array(), $remember = false, $login = true){            return \Illuminate\Auth\Guard::attempt($credentials, $remember, $login);        }

It is not hard to see that she only returns the result of the Guar: attempt method, so I will continue to read it.

/**     * Attempt to authenticate a user using the given credentials.     *     * @param  array  $credentials     * @param  bool   $remember     * @param  bool   $login     * @return bool     */public function attempt(array$credentials=array(), $remember=false, $login=true)    {        $this->fireAttemptEvent($credentials, $remember, $login);        $this->lastAttempted =$user=$this->provider->retrieveByCredentials($credentials);        // If an implementation of UserInterface was returned, we'll ask the provider// to validate the user against the given credentials, and if they are in// fact valid we'll log the users into the application and return true.if ($this->hasValidCredentials($user, $credentials))        {            if ($login) $this->login($user, $remember);            returntrue;        }        returnfalse;    }

Here, we can know that the logon result should be controlled by the result returned by the hasValidCredentials method. how is it implemented internally? Go in and have a look.

/**     * Determine if the user matches the credentials.     *     * @param  mixed  $user     * @param  array  $credentials     * @return bool     */protected function hasValidCredentials($user, $credentials)    {        return ! is_null($user) && $this->provider->validateCredentials($user, $credentials);    }

However, here we just made a simple judgment on whether the $ user parameter exists, so I continue to convert it to the validateCredentials method.

/**     * Validate a user against the given credentials.     *     * @param  \Illuminate\Auth\UserInterface  $user     * @param  array  $credentials     * @return bool     */public function validateCredentials(UserInterface $user, array $credentials);

When I got started with laravel, I couldn't understand what it meant, so I had to continue with google and found some relevant intelligence for me.
Extended Auth function
After reading this post, add the understanding of the above code
Follow the directory it says
/Vender/laravel/framework/src/illuminate/Auth
So I found the EloquentUserProvider. php file.
The specific implementation of the validateCredentials method is found inside it.

/**     * Validate a user against the given credentials.     *     * @param  \Illuminate\Auth\UserInterface  $user     * @param  array  $credentials     * @return bool     */public function validateCredentials(UserInterface $user, array $credentials)    {        $plain = $credentials['password'];        return $this->hasher->check($plain, $user->getAuthPassword());    }

This is clear.

Laravel compares the entered password with the password stored in the database after hash calculation.

However, I directly add a plaintext password to the database, so it is justified to show that the password is incorrect.
Therefore, when storing the password field, remember to use

Hash::make("$passowrd");

To generate the hash string of the corresponding password ......
Then, when I used this method to write a password hash string to the database, I reported an error. check that the password field was too short, so the password field length is changed to 1024 characters, and the problem is solved.
This pitfall left me alone for one morning ...... Record it for your reference to avoid being pitted like me again
_(: Invalid "parameters)_

I also found a bolg article about how to replace laravel's default encryption method with a custom MD5 encryption method, paste it here for future reference laravel to change the default logon password encryption method

(End)

Copyright Disclaimer: This article is an original article by the blogger and cannot be reproduced without the permission of the blogger.

The above describes the traps encountered during login verification on January 20, including some content. I hope my friends who are interested in PHP tutorials will be helpful.