Update password is not working
private function hash_password($password)
{
return password_hash($password, PASSWORD_BCRYPT);
}
private function verify_password_hash($password, $hash)
{
return password_verify($password, $hash);
}
I have used same code to add user after adding user I can do login to the account.
But when I change the password after updating password login failed
Here is reset password code
public function resetPassword($id) {
$password = $this->input->post('password');
$newdata = array(
'password' => $this->hash_password($password),
);
$this->admin_model->changePassword($id,$newdata);
$result ="Password changed";
echo $result;
die;
}
You can't login because the inputted passwords hash is not equal to the passwords hash saved in the database.
Try reading this Hope it will help you.
Related
I want to encrypt password in Laravel.But Hash or Crypt are encryting again again every page refresh. So I dont use it.
$pass = Hash::make($user_password);
$pass = Crypt::encrypt($user_password);
How can i do one times encrypt with Hash or Crypt method ? Because I can't do login page with Hash.
I solved this problem
public function login(Request $request)
{
$email = $request->input('user_email');
$password = $request->input('user_password');
$user = BO_USER::where('email', '=', $email)->first();
if (!$user) {
return response()->json(['success'=>false, 'message' => 'Login Fail, please check email id']);
}
if (!Hash::check($password, $user->password)) {
return response()->json(['success'=>false, 'message' => 'Login Fail, pls check password']);
}
//return response()->json(['success'=>true,'message'=>'success', 'data' => $user]);
return redirect('/dashboard');
}
You will use the Hash, cause Crypt can be decrypted.
See documentation:
Hashing for password
Encrypt and decrypt values
I want to make the password optional while login into the system. If the user enters the password the login works fine and return the jwt token, when I entered to try to login only with email it gives the following error:-
Undefined index: password (500 Internal Server Error)
The following is the code of my login method
public function authenticateUser($request)
{
$input = $request->only('email','password');
if (!$authorized = Auth::attempt($input, true)) {
return $this->failure('Credentials doesnot match our records!', 401);
} else {
$token = $this->respondWithToken($authorized);
return $this->success('Login Successfully !', $token, 200);
}
}
protected function respondWithToken($token)
{
return [
'token' => $token,
'token_type' => 'Bearer',
'expires_in' => Auth::factory()->getTTL() * 60,
'user' => Auth::user()
];
}
so basically, what I want is when a user enters an email it will login and should return the token, and if the user login with email and password then it should also work and return the token.
You can create a custom Authentication User Provider that will work around this potentially missing 'password' field. Though, I would probably not here. You can check the input yourself to see if there is a password or not. If there is pass it through attempt like normal. If it is not there find the user using the configured User Provider and login to the guard (what attempt is doing).
Perhaps something like this:
public function authenticateUser($request)
{
if ($request->has('password')) {
$token = Auth::attempt($request->only(['email', 'password']));
} else {
$token = ($user = Auth::getProvider()->retrieveByCredentials($request->only(['email'])))
? Auth::login($user)
: false;
}
return $token
? $this->success('Login Successfully !', $this->respondWithToken($token), 200)
: $this->failure('Credentials do not match our records!', 401);
}
The error that you're getting means that there is no password key in the input array that you're sending via request. This happens on this line:
$input = $request->only('email','password');
In order to bypass that, you would need go get all inputs, or check if those inputs exist and then read from them:
//Get all inputs
$input = $request->input();
//Or get email first, and then check for password
$input['email'] = $request->email;
$input['password'] = $request->filled('password') ? $request->password : null;
Note: Since I can't see your actual login functions, this might not work with only email, since password might be required parameter. If that's the case, you will have to alter those functions.
I'm just starting with laravel 5, I'm doing a simple login function to check if email and password passed by user matches with the email and password stored in the database. I've been reading the documentation ([https://laravel.com/docs/5.0/hashing1) but Hash::check($content['password'], $user->{'password'}) returns false always. My code looks like this.
When I create a new user I hash the password like that:
$content = json_decode($request->getContent(), true);
$user -> password = Hash::make($content['email']);
And my login function looks like that:
public function login(Request $request)
{
$content = json_decode($request -> getContent(), true);
$user = DB::table('users')->where('email', $content['email'])->first();
if (Hash::check($content['password'], $user->{'password'}))
{
// Redirect to dashboard
}
}
Thanks in advance!!
Actually you are hashing the email instead of password while creating the user. change the code from
$user->password = Hash::make($content['email']);
To
$user->password = Hash::make($content['password']);
i came up with same issue. check database users table, password field. make the size of the field to 60 or more. this fixed mine.
The facade Hash just will encrypt your data:
Hash::make('123456');
is the same that:
$password = bcrypt('123456');
to login a user you need to use AuthController functions:
Auth::attempt(['email' => 'test#test.com' , 'password' => Hash::make('password')]);
it's a example.
If you're receiving a request, you can add this method to login:
if(Auth::attempt(['email' => $request->email, 'password' => $request->password , 'active' => 1])){
flash()->success('Successfully logged in!');
return redirect('/');
}
the attempt function will hash your password field and will compare with database data.
So I have this login method:
public function login(){
$this->form_validation->set_rules('username','Username','trim|required|min_length[4]|xss_clean');
$this->form_validation->set_rules('password','Username','trim|required|min_length[4]|xss_clean');
if($this->form_validation->run()== FALSE) {
//Loading View
$this->load->view('admin/layouts/login');
$username = $this->input->post('username');
$password = $this->input->post('password');
//Validate Username & Password
$user_id = $this->Authenticate_model->login($username, $password);
if($user_id){
$user_data = array(
'user_id' => $user_id,
'username' => $username,
'logged_in' => true
);
//Set session userdata
$this->session->set_userdata($user_data);
} else {
//Set message
$this->session->set_flashdata('pass_login', 'You are now logged in');
redirect('admin/dashboard');
}
}
}
And then i use this simple method to logout:
public function logout(){
//Unset User Data
$this->session->unset_userdata('user_id');
$this->session->unset_userdata('username');
$this->session->unset_userdata('logged_in');
$this->session->sess_destroy();
redirect('admin/authenticate/login');
}
So basically I'm unsetting all my sessions userdata and then redirecting back to login controller. And what happens is, when i redirect back to login page, I automatically login again, like if my session data was still valid and present. Why it's happening?
You could try
unset($this->session->userdata('user_id'));
unset($this->session->userdata('logged_in'));
unset($this->session->userdata('username'));
Or Just Have
$this->session->sess_destroy();
Make sure your session library auto loaded and have configured your settings depending on version of codeigniter
maybe you place "redirect if session == true" code at __construct, there is my problem :v
I am writing a custom registration / authorization module for joomla and I'm wondering how with default joomla methods I could change user password? At the moment I have:
private function UpdateUser(){
$user = JFactory::getUser($this->user_data['username']);
$user->set('password', $this->user_data['password']);
$user->set('password2', $this->user_data['password']);
// $user->bind();
$user->save();
}
but the password is not updated.
P.S.
$this->user_data includes other staff about user, but i need update only password.
Solved.
private function UpdateUser($username, $password){
$user = JFactory::getUser($this->GetIdByUserName($username));
$password = array('password' => $password, 'password2' => $password);
if(!$user->bind($password)){
die('Could not bind data. Error: '.$user->getError());
}
if(!$user->save()){
die('Could not save user. Error: '.$user->getError());
}
}
private function GetIdByUserName($username){
$query = $this->db->getQuery(true);
$query->select('id');
$query->from('#__users');
$query->where('username=' . $this->db->Quote($username));
$this->db->setQuery($query);
if(isset($this->db->loadObject()->id) && !empty($this->db->loadObject()->id))
return $this->db->loadObject()->id;
else
die('No id');
}