Laravel, Hash :: check (), always returns false

Navigation
0

When trying to compare the password in pure text with the password encrypted in the database, the Hash::check() method always returns false , and should return true

Authentication code: 

$email = $request->input('email');
$password = $request->input('password');

$user = User::where('email', $email)->first();

if ($user) {
    if (Hash::check($password, $user->password)) {
        $token = $this->JWTAuth->fromUser($user);
        return response()->json(['token' => $token, 'user' => $user], 200);
    }
}
return 'FAIL';


/*abaixo o modo que eu crio o hash para o campo password*/
$user->fill([
    'password' => Hash::make($password)
])->save();

Note: Framework Laravel 5.4     

asked by anonymous 20.02.2017 / 18:16

4 answers

0

Strange, the way you are checking the hash is correct, try removing these two ifs, it may be that it is not encountering the user, eg 

if ($user && Hash::check($password, $user->password)) {
    return 'Ok, all good!';
}

return 'You shall not pass!';
    
20.02.2017 / 18:59
0
$user = User::where('email', $email)->get();

if ($user->first()) {
if (Hash::check($password, $user->password)) {
    $token = $this->JWTAuth->fromUser($user);
    return response()->json(['token' => $token, 'user' => $user], 200);
}

} return 'FAIL';

Try this.

    
20.02.2017 / 19:29
0

You can check the tinker as follows:

If the check returns true , the error is not in this part of the code.

    
13.08.2018 / 23:24
-2

Try to give a bcrypt in the password when creating the user, otherwise your query will come without the password field because it is protected by the hidden one. Another tip is to give an echo or a var_dump () in the result of your query ($ user) to see if the password field is actually being pulled. I was having the same problem and resolved with bcrypt.

    
30.09.2017 / 23:08
with using D3.js offline [closed] Repeat condition in WHERE at query time