I'm implementing a login API using Laravel 5.4 for a company that already has two tables where they store username and password. I'm using Tymons JWTAuth which uses the default auth. How can I override the authentication so that it gets the password from another table and not the users table?
Currently I'm using my localhost and the default users table
public function login() {
$credentials = $request->only('user', 'password');
try {
if ( ! $token = JWTAuth::attempt($credentials))
{
return response()->json([
'error' => 'Your email or password is incorrect'
], 401);
}
}
already has two tables where they store username and password
The best way you can do is copy your data to the Auth tables. If you don't want to use the password from the auth, then better rewrite it from scratch and don't use Auth to make your life simplier. Goodluck!
Decided to create a view in my database from the two tables. Seemed like the easiest solution
Related
I'm trying to setup Laravel Sanctum to issue API tokens.
When I do $user->createToken('test');, it fails while attempting to insert the generated token into my tokens table which I had previously created to store third party API tokens.
I was expecting it to insert it into personal_access_tokens instead.
My guess is that somehow this tokens table and Token model interfere with Sanctum. In my User model, I have this method which return a user's third party API tokens:
public function tokens()
{
return $this->hasMany(Token::class);
}
Any idea why it does that and how to fix it?
The createToken method is like so :
public function createToken(string $name, array $abilities = ['*'])
{
$token = $this->tokens()->create([
'name' => $name,
'token' => hash('sha256', $plainTextToken = Str::random(40)),
'abilities' => $abilities,
]);
return new NewAccessToken($token, $token->getKey().'|'.$plainTextToken);
}
but I had already in my User model a tokens method. That why is was creating the token in the wrong table.
I am using Spatie role-permission for handling user roles in an laravel application. I had created users using factory factory(App\User::class, 50)->create(); and now some of the users are admin roles. I want to replace all role to supscriber and only one user is admin.
I had created a seeder for generate admin user and added role for that one
$user = User::create([
'name_first' => 'Admin',
'email' => 'admins#admins.com',
'password' => bcrypt('admins#admins.com')
]);
$user->assignRole('super-admin');
How can achieve this with seeder? Or any other option is available for this ?
If your users were just created by the factory and are not assigned any role yet you can iterate through them and assign the role you want, or get the Role and sync the users relationship with the Collection of Users that are returned from the factory.
If you want to iterate through them one by one:
factory(App\User::class, 50)->create()->each(function ($user) {
$user->assignRole('subscription'); // assuming 'supscription' was a typo
});
If you want to try and attach the users for the Role:
$users = factory(App\User::class, 50)->create();
$role = Role::findByName('subscription');
$role->users()->attach($users);
If you are not clearing your database before seeding, then you will have a bunch of old users you created from previous run of the seeder. You can spin through all the users in the database and assignRole each one to the role you want, or you can try attach on the users relationship for the Role with all the users.
Role::findByName('subscription')->users()->sync(User::pluck('id'));
But oh no, the word Role is in this answer, which means it must be copied from someone else's answer. The assignRole method is used too, so it must also be a copy. The variable $user is also used, so obviously a copy.
Try this in your seeder:
After creating the user then you can do
// Create roles
$super_admin = Role::create(['name' => 'Super Admin']);
$admin = Role::create(['name' => 'Admin']);
// Assign role to user
$user->assignRole($super_admin);
// If you have to use Faker then you can also do this
$user->assignRole($faker->randomElement([$super_admin, $admin]));
Basically you can't add the string in assignRole method you can add the Object of Role Model. If you have already created the roles then here you can find the role by it's name then you can pass this in the assigRole method.
I hope it would helpful for you. Thanks
I created a new table called ADMIN_USER with the field USERNAME and PASSWORD for authentication, but then when I tried to perform login, Hash::check return true as expected but the Auth::attempt return false.
Then I tried to remember the logged-in user before Hash::check or Auth::attempt, php reply with an error: Call to undefined function App\Http\Controllers\Auth\loginUsingId()
And the Auth:login under Hash::check does not remember anything.
Here is my authenticate method in the LoginController:
public function authenticate(Request $request)
{
$data = $request->all();
$user = new User();
$user = $user->where('USERNAME' , $data['inputUsername'])->first();
Log::info($user->PASSWORD);
Log::info($data['inputPassword']);
Auth:loginUsingId($user->id);
/*
if(Auth::attempt(array('USERNAME' => $data['inputUsername'], 'PASSWORD' => $data['inputPassword']))){
return redirect($this->home);
}else{
return redirect($this->index);
}
*/
if(Hash::check($data['inputPassword'], $user->PASSWORD)){
Auth::loginUsingId($user->id);
return redirect($this->home);
}else{
return redirect($this->index);
}
}
Laravel comes pre-configured with a user and auth table that stores your session info, users, salted passwords, etc so no need to create your own table. You can read more about this in the documentation.
Laravel config won't know how to communicate with ADMIN_USERS unless you modify your authenticate class.
look in your application's database/migrations folder and you should find a timestamp_create_users_table.php file that contains a migration to create a users table with id, name, email, password, token, and timestamps.
If you don't see that then run:
php artisan make:auth
Once you have that migration file in your migrations folder then just run.
php artisan migrate
Once this runs check your database and you should see a users table. I'm pretty sure this will fix your Authentication issues.
I'd suggest you run through some of the free lessons available on laracasts. It should help get you up to speed fairly quickly.
Hope this helps.
I solved my problem by changing PASSWORD to password and ID to id in my database.
I want to make validation on a joined table,I know that laravel 5.2 doesn't support this. what is the best practice to do that ?
any suggestions?
The best way to do this, manually authenticate the user with the values you've grabbed from your joined database.
The fastest solution I've brought up is like this:
//join the tables and name it as $joined_table_values
if(isset($joined_table_values)){
if($joined_table_values->field == 'theValueYouNeed'){
//Then authenticate manually with the values in default users table
if (Auth::attempt(['email' => $email, 'password' => $password])) {
// Authentication passed...
return redirect()->intended('dashboard');
}
}
}
Resource: https://laravel.com/docs/5.2/authentication#authenticating-users
I have problem to login a user.I saved the encrypted password with md5 method in database.Now when I want to select a user with encrypted password form database it returns null.
This is my code:
controller:
function login(){
$username=$this->input->post('username');
$password=$this->input->post('password');
$user=$this->mymodel->login($username,$password);
if($user)
$this->load->view('home');
else
echo "The user name or password is wrong";
}
model:
function login($username,$password){
$where=array('username'=>$username,'password'=>md5($password));
$this->db->select()->from('user')->where($where);
$query=$this->db->get();
return $query->first_row('array');
}
but this query returns null;
From looking at your code I notice you don't have any rows specified in the select function. You can pass in an asterisk '*' to represent getting all rows from the database table. Also your where clause can be separated into two separate lines. Last of all the row function can be used to get the first row of a query result.
Model code:
function login($username, $password
{
$this->db->select('*')
->from('user')
->where('username', md5(username))
->where('password', md5($password));
$query = $this->db->get();
return $query->row();
}
I would also discourage you from using md5 to store a password. There are stronger encryption methods available for PHP. In addition it is a good practice to use a salted password when storing it in the database.
For more information see How do you securely store a user's password and salt in MySQL?
You can find more information regarding how to use codeigniters active record class in the codeigniter manual.