Custom 'Auth' controller

One of my Laravel sites came over from a WordPress site with many users, so I created a custom UserProvider that extends the default one and only overrides the validateCredentials() method to check if the password saved for the user was hashed using WordPress so it can check if the password is correct using that algorithm instead.

The controllers in app/Http/Controller/Auth/ are there for you to modify. I wouldn't write something totally new but instead look at the traits they use and override anything you need.

What specific default Laravel behavior isn't compatible with the data you have?

Keep in mind I am not very experienced with Laravel, at all, this is just going from what I seem to be understanding from reading the documentation and looking at other laravel installs.

It appears that laravel uses it's own custom table, stores username, password, session id, etc in this table, and also writes to it during registration. Although the table its looking up could easily be modified, the writing to the table from laravel would need to be changed completely, as there are a lot more columns that would need to be written during registration than what laravel provides, and the session handling is vastly different.

For example, my system uses an email address and a specialized password hash for authentication, not like the one Laravel uses, as well as checking the values of some more data in the table, too. I am just not sure how to extend it enough to allow for complete workability with the current table structure.

For checking your existing password hashes, writing a custom user provider should do the trick.

As for writing extra columns during registration, the included app/Http/Controllers/Auth/RegisterController.php has a validator and create method you can just modify in place to add the extra fields you need and to hash the password using your own method.

I don't think you'll have too much trouble. The only thing I don't have experience with is customizing the session driver, but once getting a feel of how Laravel does things I'm sure you can get it going.

I appreciate it. I think the biggest thing, is nothing outside of specific parameters can be written to the account table. (For example, a new column or columns for handling session IDs, etc). I am writing a web interface for a game that a friend of mine is developing, and the system will break if the columns dont match what it's expecting.

The solution to that, is going to have to be an independent session table that stores the session information along with the user ID (Which Laravel may already do)

@sutherland Thank you for the advise. In going through, I enabled Auth using php artisan make:Auth, then set the provider to 'database', and using the default system it appears to work.

Now I just need to find out how to get the password hash to use the one that the table has stored, and not bcrypt, and everything will work nicely!

This example may be outdated but it should help: https://github.com/typetokrish/Laravel-Custom-Hashing

Obviously you'll still need to change the use of bcrypt() in the RegisterController's create method.