please please someone help me , my boss would kill me , this code is not working in laravel , because password is hashed , it is bcryted , how do i compare and get my us_id ( wich stands for username_id ) , the one that tried to login but has the wrong password , do you have any suggestioin , what i'm trying to do is very simple , i'm trying to understand if the user entered a wrong password but his/her username is right . i am beginner . sorry for that :( . i know this won't work , but what should i do to understand if the user entered a wrong password ?
public function login(Request $request, Logs $logs)
{
$password = $request->input('password');
$myuser = \DB::table('users')->where('password', $password)->first();
if (\Hash::check($password, $myuser->password)) {
$logdata = $myuser->id;
$logs->insert($logdata);
return view('MainPages.example', ['pass' => $password]);
}
}
The password is hashed by Laravel, so use the Hash::check() method:
if (\Hash::check($password, $myuser1->password)) {
The Laravel
Hashfacade provides secure Bcrypt hashing for storing user passwords. If you are using the built-inLoginControllerandRegisterControllerclasses that are included with your Laravel application, they will automatically use Bcrypt for registration and authentication.
You can't expect this to work.
Passwords are stored encrypted. Multiple people could theoretically have the exact same password, but none of them would look identical when stored. Therefore you don't know what to look for in the record, even if you know what password you are looking for because you don't know what salt was used for the particular record where it is stored.
You just can't retrieve a record on a password lookup like this. Rather, you have to retrieve the record first (based on some other key, eg. username or id) and then see if the password encrypts to match from the given password that has the ever important salt.