Level 3
Have you tried clearing your browser cache? Maybe also resetting your password.
Mar 9, 2020
15
Level 2
Login fails after changing User model
I have expanded default User model in Laravel with additional fields like firstname, lastname, admin (boolean field) etc.
Registration and works fine, and it logs me in for the first time, but if I log out, I can't login anymore. I get the "These credentials do not match our records." error when I try to login. What could be wrong?
My user model is modified and looks like this:
<?php
namespace App;
use Illuminate\Contracts\Auth\MustVerifyEmail;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class User extends Authenticatable
{
use Notifiable;
/**
* The attributes that are mass assignable.
*
* @var array
*/
protected $fillable = [
'name', 'firstname', 'lastname', 'email', 'password', 'admin', 'active', 'phone'
];
/**
* The attributes that should be hidden for arrays.
*
* @var array
*/
protected $hidden = [
'password', 'remember_token',
];
/**
* Add a mutator to ensure hashed passwords
*/
public function setPasswordAttribute($password)
{
$this->attributes['password'] = bcrypt($password);
}
/**
* The attributes that should be cast to native types.
*
* @var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
Migration model looks like this:
<?php
use Illuminate\Database\Migrations\Migration;
use Illuminate\Database\Schema\Blueprint;
use Illuminate\Support\Facades\Schema;
class CreateUsersTable extends Migration
{
/**
* Run the migrations.
*
* @return void
*/
public function up()
{
Schema::create('users', function (Blueprint $table) {
$table->bigIncrements('id');
$table->string('name')->unique();
$table->string('firstname')->nullable();
$table->string('lastname')->nullable();
$table->string('email')->unique();
$table->timestamp('email_verified_at')->nullable();
$table->string('password');
$table->boolean('admin')->default(false);
$table->boolean('active')->default(true);
$table->string('phone')->nullable();
$table->rememberToken();
$table->timestamps();
$table->string('edited_by')->nullable();
$table->timestamp('edited_at')->nullable();
});
}
/**
* Reverse the migrations.
*
* @return void
*/
public function down()
{
Schema::dropIfExists('users');
}
}
Level 102
Did you by any change roll back all migrations to run them again? If so the user will be deleted
Did you run something like (NOTE: I am not telling you to run this!)
php artisan migrate:fresh
Level 2
Clearing browser cache does not work here. Also, I'm working on the application locally and I did not set up email for resetting password, so I can't do that...
Level 102
Try checking your database. Does the values look right? password and such
Level 2
@sinnbeck No, I did not rollback migrations. Also, If I create new user through database, it works fine, I can login/logout without any problems. Only users created through register form have this problem.
Passwords are hashed with bcrypt
if I create user manually through database, I use: https://bcrypt-generator.com/
Level 75
Why are you:
public function setPasswordAttribute($password)
{
$this->attributes['password'] = bcrypt($password);
}
When Authentication takes care of this.
I suggest you go back to "out of box" Auth, but you can still add fields to users table even with "out of box" Auth.
Level 2
@jlrdw Could the problem be this function in my User class:
public function setPasswordAttribute($password)
{
$this->attributes['password'] = bcrypt($password);
}
I added that because I created user CRUD like here: https://vegibit.com/how-to-create-user-registration-in-laravel/
You think that broke "out of the box" auth system?
Level 53
@mleontenko seems like your password is double-hashed as create method in RegisterController already hashes the password. Why did you added setPasswordAttribute method to your User model?
Level 2
@sti3bas because I created User CRUD like in this tutorial: https://vegibit.com/how-to-create-user-registration-in-laravel/
it specifies that I need to add that method to User class to ensure hashed passwords (otherwise they would not be hashed).
So, passwords created through Register are double hashed, and the ones created through CRUD are fine... Is there a way to remove hashing from RegisterController because I added it in model? Could it solve this problem?
Level 53
@mleontenko so you're using the default Laravel RegisterController or the custom one from the tutorial?
Level 75
because I created User CRUD like in this tutorial: https://vegibit.com/how-to-create-user-registration-in-laravel/
That's fine, but I would highly suggest learn laravel the way Taylor implements it.
Look, laravel is such an easy flexible framework already.
Level 2
@sti3bas I'm using both. Default one is for anonymous user to register, and the one from tutorial is for application administrator to create users through forms.
But, both controllers use the same model (User). Following the tutorial broke the default register (it double hashes now) because I added hashing function to User model.
Level 53
@mleontenko open your RegisterController, go to create method and update 'password' => Hash::make($data['password']), to 'password' => $data['password'],.
2 likes
Level 2
@sti3bas That works. Thanks!
Level 15
this solved the same problem I have in the Tweety project in Laravel from scratch (laravel v.7)
Please or to participate in this conversation.