bexter989

Hi,

you might wanna

bcrypt($password)

in the doLogin method if your not using the

make:auth

artisan command.

ie:

public function doLogin(Request $request)
{
    $email          = $request->input('email');
    $password       = $request->input('password');

    if ( Auth::attempt(['email' => $email, 'password' => bcrypt($password)]) ){
        return redirect()->route('home');
    }

    return redirect()->back(); 
}

Cheers.

Jaytee
Jaytee
2 months ago (101,105 XP)

@bexter989 You don't hash the password during the login process. the attempt() method will hash it behind the scenes. You just pass the plain string.

However, you do need to has the password when creating an account. If you're just passing a plain password, it's being stored as a plain password. Then when you go to authenticate, it's checking whether the hashed version of the password matches the one stored in the database.

So make sure you're hashing your password upon registration.

bexter989

Thanks... Oversight on my part. Cheers

Please sign in or create an account to participate in this conversation.