1

I followed this http://laravel.com/docs/4.2/security#authenticating-users

And done with my tabels,

While i try to authenticate, It fails all the time,

I use the default User Model and the auth.php's users table with suggested things in documentation. Should i have to do anything beyond it.

  $email = Input::get('email');
  $password = Input::get('password');       
  if (Auth::attempt(array('email' => $email, 'password' => $password)))
    {
        return Redirect::intended('dashboard');
    }
Improve this question
8
  • "it fails all the time". Is that the actual error message you get? Commented Dec 26, 2014 at 18:20
  • Can you please show us the error mesasge you are getting ? Commented Dec 26, 2014 at 18:25
  • @JosephSilber. ah, not it didn't pass the if condition, Commented Dec 26, 2014 at 18:31
  • @Teeyo: I am not getting error message, as i don't how to throw error message here (so i tried with just return statements) Commented Dec 26, 2014 at 18:32
  • I fear that should i do anyother stuffs rather than the thing i did ? Commented Dec 26, 2014 at 18:37

1 Answer 1

Reset to default
1

The password you store in your table needs to be a hashed value. Laravel requires it to be. But that shouldn't even be the primary reason. The password needs to be hashed so no one can find out what the actual password is. It doesn't matter if you think your database server is secure and nobody will gain access. There's always a possibility that your database gets compromised and in this case you wan't to protect the users password.

Check this question on Security Stack Exchange out for more information on the topic.

Now here's a fast way to get a hashed version of your password. (Without having a registration form, which obviously needs to do that). Add this to routes.php

Route::get('hash/{value}', function($value){
    return Hash::make($value);
});

Open the url /hash/your-password and copy this string into the password field in your database.

Improve this answer
Sign up to request clarification or add additional context in comments.

8 Comments

I can't do this without hashing my password ?
You shouldn't. And if you want to you need to do a bit more work or write your own Auth UserProvider. Why don't you want to hash your password?
Well, then i will hash my password,
It's better that way, believe me.
Is this the way $password = Hash::make('secret'); ?
|

Your Answer

By clicking “Post Your Answer”, you agree to our terms of service and acknowledge you have read our privacy policy.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.