Level 3
my first idea is that you logout function may be incorrect and its not forgeting tokens or related to user data something, if you provide some code may be helpfull
May 17, 2017
6
Level 1
Login suddenly returning "These credentials do not match our records."
I am using laravel 5.2. Everything was working fine today. Then I decided to test the reset password function of my site. When I reset the password it logs me right in. But if I log out and try logging in via the login link I get this error.
THe only thing I can think of is it is related to tokens and such. Or maybe somehow related to how I am testing another user account which has same password. So all day I have had multiple browsers open for multiple users. But I can't imagine why all this would cause such weird login behavior.
In PHPStorm it is a nightmare to debug this. I can't find where in the code a check is being made.
Anyway, I am not even sure what code to show you since it is not so clear where in the process flow key things are tested. I did see in PHPStrom that in the response variable the email and password were correct.
Any advice appreciated!
thnaks
Level 1
As far as I can tell, the stock laravel Auth package is being used, and in the AuthenticatesUsers file there is just this:
/** * Log the user out of the application. * * @return \Illuminate\Http\Response */ public function getLogout() { return $this->logout(); }
/**
* Log the user out of the application.
*
* @return \Illuminate\Http\Response
*/
public function logout()
{
Auth::guard($this->getGuard())->logout();
return redirect(property_exists($this, 'redirectAfterLogout') ? $this->redirectAfterLogout : '/');
}
THe auth config file simply has this
<?php
return [
/*
|--------------------------------------------------------------------------
| Authentication Defaults
|--------------------------------------------------------------------------
|
| This option controls the default authentication "guard" and password
| reset options for your application. You may change these defaults
| as required, but they're a perfect start for most applications.
|
*/
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
/*
|--------------------------------------------------------------------------
| Authentication Guards
|--------------------------------------------------------------------------
|
| Next, you may define every authentication guard for your application.
| Of course, a great default configuration has been defined for you
| here which uses session storage and the Eloquent user provider.
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| Supported: "session", "token"
|
*/
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
|
| All authentication drivers have a user provider. This defines how the
| users are actually retrieved out of your database or other storage
| mechanisms used by this application to persist your user's data.
|
| If you have multiple user tables or models you may configure multiple
| sources which represent each model / table. These sources may then
| be assigned to any extra authentication guards you have defined.
|
| Supported: "database", "eloquent"
|
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
/*
|--------------------------------------------------------------------------
| Resetting Passwords
|--------------------------------------------------------------------------
|
| Here you may set the options for resetting passwords including the view
| that is your password reset e-mail. You may also set the name of the
| table that maintains all of the reset tokens for your application.
|
| You may specify multiple password reset configurations if you have more
| than one user table or model in the application and you want to have
| separate password reset settings based on the specific user types.
|
| The expire time is the number of minutes that the reset token should be
| considered valid. This security feature keeps tokens short-lived so
| they have less time to be guessed. You may change this as needed.
|
*/
'passwords' => [
'users' => [
'provider' => 'users',
'email' => 'auth.emails.password',
'table' => 'password_resets',
'expire' => 60,
],
],
];
Level 1
I should also mention that when the error is thrown, the email field is marked in red. But I am 100% sure I am entering the right data... I have looked in the database and everything looks fine. What is odd though, is that the passwords in the database for these two accounts have different strings. Since the passwords are the same, seems odd the strings would be different. And I know for sure the passwords are indeed the same. In any case, I have tried this many times: reset password (after changing password I get logged in automatically), then logout and try logging in with same password error
Level 1
Figured out problem. I had added a 'subscribe' checkbox on register form and placed it as a field in the credentials checker... Definitely didn't need that as a credential! So all is good!
1 like
Level 42
I think you can define setPasswordAttribute method in User model
public function setPasswordAttribute($password)
{
$this->attributes['password'] = \Hash::make($password);
}
Hope it's work for you !
Level 13
Check if you have overwritten the username() method from AuthenticatesUser trait.
Also what I can think of is, maybe the user ID is not 'id' is changed or something?
Please or to participate in this conversation.