laravel 4 custom named password column
tldr; You can name your password field anything you like, as long as your User model implements the interface correctly.
However you can't pass different array key to the Auth::attempt
method - only password
index can be there
First off you're doing it wrong - you need to pass an array of credentials as 1st param:
if (Auth::attempt(Input::only('user_displayName', 'user_password')))
Next, unfortunately Eloquent
provider has hard-coded password
array index in the code, so you can't pass user_password
to the attempt
method.
So this is what you need:
$credentials = Input::only('user_displayName');
$credentials['password'] = Input::get('user_password');
if (Auth::attempt($credentials))
// or simply rename the input in your form to password and:
if (Auth::attempt(Input::only('user_displayName', 'password')))
How to change / Custom password field name for Laravel 4 and Laravel 5 user authentication
Information
You can change easy all other fields in database and use them for authentication. The only problem is with password
field.
In fact password
field is in some way hard coded in Laravel (but not the way many think) so you cannot just pass array as you passed in your question.
By default if you pass array to attempt
(and probably other Auth functions like validate
or once
) if you do it this way:
Auth::attempt(array(
'user_name' => 'admin',
'password' => 'hardpass',
));
default Eloquent driver will run the following query:
select * from `users` where `user_name` = 'admin' limit 1;
After getting this data from database it will compare password you gave with password property for User object that was created.
But if you simply use:
Auth::attempt(array(
'user_name' => 'admin',
'passwd' => 'hardpass',
));
the following query will be run:
select * from `users` where `user_name` = 'admin' and `passwd` = 'hardpass' limit 1;
and no user will be found in database (in passwd
you store hashed password). This is because Eloquent removes from query password
but use any other data to run query. Also if you try here to use 'passwd' => Hash:make($data['password'])
although user will be found, comparing password won't work.
Solution
Solution is quite easy. You need to run Auth::attempt
like this:
Auth::attempt(array(
'user_name' => 'admin',
'password' => 'hardpass',
));
As you see you still pass password
as key (although this column doesn't exits in users
table) because only this way Eloquent driver won't use it for building query.
Now in User
model (app/models/User.php
) file you need to add the following function:
public function getAuthPassword() {
return $this->passwd;
}
As you see you use here the column that really exists in database: passwd
.
Using it this way you can have column with password named anything you want and you can still use default Eloquent driver for it.
Sample data to test
I've created very simple test for it.
You just need to replace your app/routes.php
file with the following:
Route::get('/', function () {
if (Auth::check()) {
echo "I'm logged in as " . Auth::user()->user_name . "<br />";
echo "<a href='/logout'>Log out</a>";
} else {
echo "I'm NOT logged in<br />";
Auth::attempt(array(
'user_name' => 'admin',
'password' => 'hardpass',
));
if (Auth::check()) {
echo "Now I'm logged in as " . Auth::user()->user_name . "<br />";
echo "<a href='/logout'>Log out</a>";
} else {
echo "I'm still NOT logged in<br />";
}
}
});
Route::get('/logout', function () {
Auth::logout();
return "You have been logged out";
});
Route::get('/db', function () {
if (!Schema::hasTable('users')) {
Schema::create('users', function ($table) {
$table->engine = 'InnoDB';
$table->increments('id');
$table->string('user_name', 60)->unique();
$table->string('passwd', 256);
$table->rememberToken();
$table->timestamps();
});
DB::table('users')->insert(
[
[
'user_name' => 'admin',
'passwd' => Hash::make('hardpass'),
]
]
);
}
echo "Table users has been created";
});
- Create empty database and set connection data in
app/config/database.php
- Now you can run
/db
url for examplehttp://localhost/yourprojectname/db
just to create users table. - Now you can run
/
url for examplehttp://localhost/yourprojectname/
- as you see user is logged in even if inusers
table in database you don't have anypassword
column (data for authentication has been passed as strings without any forms but of course in real application you will add them) . You can run this url once more time - as you see user is still logged so it is working as expected. - If you click on
Log out
link, you will be logged out
Laravel 5 changes for above
This solution was tested in Larave 4.2.9 (everything as above) and also in Laravel 5. In Laravel5 everything works the same but you need of course edit files in different paths:
User
model is inapp/User.php
file- routes are in
app/Http/routes.php
file - Database config file is in
config/database.php
file
How to change password field name in Laravel
I solved my problem by doing a custom AuthController. It was easiest for what I wanted to do.
How to handle custom names of columns, username and password in laravel authentication
When authenticating, you need to change username to Login_Name, however, password needs to stay password:
Auth::attempt( array('Login_Name' => $username, 'password' => $password) )
Take a look at this file for better understanding of how the User is retrieved when Authenticating: https://github.com/illuminate/auth/blob/master/EloquentUserProvider.php#L60
Laravel: How can I change the default Auth Password field name?
For having username
instead of email
, you can overwrite username() in your LoginController.php
/**
* Get the login username to be used by the controller.
*
* @return string
*/
public function username()
{
return 'username';
}
And for passwd
instead of password
, you can do define an accessor in your App\User.php
/**
* Get the password for the user.
*
* @return string
*/
public function getAuthPassword()
{
return $this->passwd;
}
login.blade.php : Replace email
input with username
but do not change the name of the input for password
.
Laravel 4: custom login and check password
You can use
$password = Hash::make($password);
function to get the hash of password, and then check it
laravel passport custom password column
There's a method the Passport/Bridge asks for called validateForPassportPasswordGrant($password)
that you can override in your user model
, if you don't override this it will look for a password
column in your user table
. I'm not entirely sure why they haven't configured it to use Authenticatable
method getAuthPassword...
Laravel Reset Password Using Different Column Name
Took me hours to figure it out. Laravel official doesnt seems give a proper documentation to implement the custom name field.
We just need to change the input field name the same with your table column name.
Field could be anything
<input type="email" name="user_email">
Related Topics
PHP How to Write Data to Middle of File Without Rewriting File
How to Change the Woocommerce_Form_Field HTML Structure
How to Open a File from Line X to Line Y in PHP
What Is the Advantage of Using Try {} Catch {} Versus If {} Else {}
Correct Indentation of HTML and PHP Using Vim
Fatal Error: Out of Memory, But I Do Have Plenty of Memory (Php)
Php: Split String into Array, Like Explode with No Delimiter
Add Http:// Prefix to Url When Missing
How to Convert Iso8601 to Date Format in PHP
Warning: MySQL_Result() Expects Parameter 1 to Be Resource, Boolean Given
PHP Integer and Float Comparison Mismatch
Avoid Public Folder of Laravel and Open Directly the Root in Web Server
Symfony2 Routing - Route Subdomains