Be part of JetBrains PHPverse 2026 on June 9 – a free online event bringing PHP devs worldwide together.
I modified the AuthController so that my log in accepts an username and a password instead of an email. Here is how it looks:
public function postLogin(Request $request)
{
$this->validate($request, [
'user' => 'required', 'pass' => 'required',
]);
$credentials = $request->only('user', 'pass');
if ($this->auth->attempt($credentials, $request->has('remember')))
{
return redirect()->intended('/login');
}
return redirect('/login')
->withInput($request->only('user', 'remember'))
->withErrors([
'user' => $this->getFailedLoginMesssage(),
]);
}
I already made it so that the registration form takes only an username and a password. However, upon registering with username testuser and pass testpass, and trying to log in with those same credentials, I still get the "Credentials do not match" error.
I don't know if there is any other file I should change? My log in form points to /auth/login as its ACTION.
Any help is great. Thanks!
Are your passwords stored in the database in plain text? If so, make sure you brcrypt($password) when setting the user model's password attribute. I'm not sure why it doesn't do this out of the box, mind you.
I'd hazard a guess that the reason you're getting the credentials do not match error is because the auth method tries to do a hash match on your input, but as the password is in plain text in the database it will fail.
Well, they aren't getting stored in plain text. I checked, this is how one should look, right?
$7y$11$4ra1Zeh0MEQ09MFgwsv5ReTxHp4TuFfiq7qNSvM1nr3/Q44seUZ4e
I don't mind sharing it, since it's still an app very early in development (and I'm still a big noob). And, over at Registrar.php under Services, there's this:
return User::create([
'user' => $data['user'],
'pass' => bcrypt($data['pass']),
]);
So I guess that confirms they are getting encrypted. However, is there any chance that they aren't getting encrypted over at login time, before comparing it to the db password? I don't know if it has anything to do with it, but my login view isn't over at /auth/login, it's a different view.
column names in your database match with the input field names?
Yeah, they do. I just checked. They are just "user" and "pass".
Hey, I found the culprit, I don't know if this is some sort of glitch or if it's this way by design:
The password field CAN'T be named 'pass', it should be named password. I changed the 'pass' field in my db to password, the 'pass' validation in the AuthController to 'password' and the input name to 'password' and everything is working fine now.
I wonder if this is the way it's meant to be? The password field should only be named 'password'? User/username works, whatever it is named.
Did you change the name of the input fields in your login and register forms to password or was it there pass as well
<input type="password" name="pass">
// or
<input type="password" name="password">
I changed them (the names of the input fields) to password as well, since I had changed everything else to password (including the db field).
So...
<input type="password" name="password">
@Holi It expects the column name to be password so you need to change it as per above.
Please or to participate in this conversation.