I have problem to login a user.I saved the encrypted password with md5 method in database.Now when I want to select a user with encrypted password form database it returns null.
This is my code:
controller:
function login(){
$username=$this->input->post('username');
$password=$this->input->post('password');
$user=$this->mymodel->login($username,$password);
if($user)
$this->load->view('home');
else
echo "The user name or password is wrong";
}
model:
function login($username,$password){
$where=array('username'=>$username,'password'=>md5($password));
$this->db->select()->from('user')->where($where);
$query=$this->db->get();
return $query->first_row('array');
}
but this query returns null;
From looking at your code I notice you don't have any rows specified in the select function. You can pass in an asterisk '*' to represent getting all rows from the database table. Also your where clause can be separated into two separate lines. Last of all the row function can be used to get the first row of a query result.
Model code:
function login($username, $password
{
$this->db->select('*')
->from('user')
->where('username', md5(username))
->where('password', md5($password));
$query = $this->db->get();
return $query->row();
}
I would also discourage you from using md5 to store a password. There are stronger encryption methods available for PHP. In addition it is a good practice to use a salted password when storing it in the database.
For more information see How do you securely store a user's password and salt in MySQL?
You can find more information regarding how to use codeigniters active record class in the codeigniter manual.
Related
I created a new table called ADMIN_USER with the field USERNAME and PASSWORD for authentication, but then when I tried to perform login, Hash::check return true as expected but the Auth::attempt return false.
Then I tried to remember the logged-in user before Hash::check or Auth::attempt, php reply with an error: Call to undefined function App\Http\Controllers\Auth\loginUsingId()
And the Auth:login under Hash::check does not remember anything.
Here is my authenticate method in the LoginController:
public function authenticate(Request $request)
{
$data = $request->all();
$user = new User();
$user = $user->where('USERNAME' , $data['inputUsername'])->first();
Log::info($user->PASSWORD);
Log::info($data['inputPassword']);
Auth:loginUsingId($user->id);
/*
if(Auth::attempt(array('USERNAME' => $data['inputUsername'], 'PASSWORD' => $data['inputPassword']))){
return redirect($this->home);
}else{
return redirect($this->index);
}
*/
if(Hash::check($data['inputPassword'], $user->PASSWORD)){
Auth::loginUsingId($user->id);
return redirect($this->home);
}else{
return redirect($this->index);
}
}
Laravel comes pre-configured with a user and auth table that stores your session info, users, salted passwords, etc so no need to create your own table. You can read more about this in the documentation.
Laravel config won't know how to communicate with ADMIN_USERS unless you modify your authenticate class.
look in your application's database/migrations folder and you should find a timestamp_create_users_table.php file that contains a migration to create a users table with id, name, email, password, token, and timestamps.
If you don't see that then run:
php artisan make:auth
Once you have that migration file in your migrations folder then just run.
php artisan migrate
Once this runs check your database and you should see a users table. I'm pretty sure this will fix your Authentication issues.
I'd suggest you run through some of the free lessons available on laracasts. It should help get you up to speed fairly quickly.
Hope this helps.
I solved my problem by changing PASSWORD to password and ID to id in my database.
I'm implementing a login API using Laravel 5.4 for a company that already has two tables where they store username and password. I'm using Tymons JWTAuth which uses the default auth. How can I override the authentication so that it gets the password from another table and not the users table?
Currently I'm using my localhost and the default users table
public function login() {
$credentials = $request->only('user', 'password');
try {
if ( ! $token = JWTAuth::attempt($credentials))
{
return response()->json([
'error' => 'Your email or password is incorrect'
], 401);
}
}
already has two tables where they store username and password
The best way you can do is copy your data to the Auth tables. If you don't want to use the password from the auth, then better rewrite it from scratch and don't use Auth to make your life simplier. Goodluck!
Decided to create a view in my database from the two tables. Seemed like the easiest solution
On documentation of Laravel, to retrieve the authenticated user:
$user = Auth::user();
This is my table schema (example)
tblUser
id // 1
userid // admin
password // 12345
tblUserInfo
id // 1
userid // admin
first_name // Roi
Is it possible to relate the tblUserInfo for the authenticated user? like for example
Auth::user()->with('userinfo')->first_name;
or is there a way around to get the first_name from authenticated user before I hit the view?
You should be able to just do
$firstname = Auth::user()->userinfo->first_name;
This assumes you have your relationship defined properly. Something along the lines of
class User extends Authenticatable
{
// ...
public function userinfo()
{
return $this->hasOne(UserInfo::class);
}
}
Given your non-standard table schema you may need to explicitly specify column names for foreign and local keys in hasOne() method - 2nd and 3rd parameters accordingly.
return $this->hasOne(UserInfo::class, 'id', 'id'); // or 'userid' depending on what you're using as a FK
^^^^^^^^^
In my db, an admin creates an account for a user, but doesn't fill in their username/password. Once this row has been created, then the user will get an email that asks them to register.
In my store() of my RegisterController, after I perform all the validation, I have the following:
// here $user is received via authorization code and email
$user->username = $input['username'];
$user->password = $input['password'];
if ($user->save()) $data;
return 'Could not save';
However, this gives me an error saying Trying to get property of non-object. I also realize that you need to Hash the password, but I have built on the Model and it will automatically hash the password attribute inside.
Any ideas?
Coming from CodeIgniter's Datamapper ORM I am still trying to get my head around Laravel's Eloquent ORM.
Given the fact that I have an ACCOUNT and a USER table (simplified):
ACCOUNT
- id
- name
USER
- id
- account_id
- username
One account has many users. One user belongs to one account. So we're dealing with a one-to-many relationship. Everything is already set-up in the models.
In CodeIgniter's Datamapper I would have done the following to get the user from any given ID and at the same time check if that user is related to the current account:
$u = new User();
$u->where('username', $username);
$u->where_related_account('id', $account_id);
$u->get();
if ( ! $u->exists()) exit; // or do something...
// otherwise continue to use the "$u" user object
This syntax is very logical and easy to understand. In Eloquent I have a hard time to achieve the same with a similar easy syntax. Does anyone have any suggestions?
Very simply (ignoring the relationship between the user and the account), it could just be:
$u = User::where('username', $username)
->where('account_id', $id)
->get();
That will return you your user's details.
Otherwise, assuming that you have your User and Account classes and DB tables are set up correctly (as per the Laravel docs), you should be able to just do:
$user_exists = Account::find($account_id)
->users()
->where("username", "=", $username)
->first()
->exists;
if ($user_exists)
{
doThings();
}
If you've correctly set up your models and database tables (as #msturdy said) you should actually be able to return your user account by simply going:
$user = User::whereUsername($username)
->first(); // or User::where('username', $username)->first();
if ($user) {
$account = $user->accounts()
->whereId($account_id)
->first(); // or $user->accounts()->where('id', $account_id)->first();
}
This gives you the ability to access the user and account models
you could even extend your User model to include the following methods:
class User extends Eloquent {
...
public static function byUsername($username) {
return static::whereUsername($username)->first();
}
public function getAccount($id) {
return $this->accounts()->whereId($id)->first();
}
...
}
and then simply go
$user = User::byUsername($username);
if ($user) {
$account = $user->getAccount($account_id);
}
which might be better for you if you are using the code in multiple controllers.