No query results for model [App\User].

You changed it in the query for logging in there, but did you change it where the user is created, where the password initially gets encrypted with bcrypt() and stored in the db?

Otherwise you're comparing a md5 hash to a bcrypt hash in the db.

Why are you doing this though? md5 should never be used for password hashes. They're very insecure. bcrypt() is far superior.

I know they are very insecure but my colleague working with android. According to her, the password should change to md5.

When I enter the password incorrectly, I see this error.

No query results for model [App\User].

And I'm logged in when I enter the password correctly.

She doesn't know wtf she's talking about, but ok.

WTF?

What do you mean?

According to her, the password should change to md5.

I mean she is wrong and doesn't know what she's talking about...

Even the php docs say not to use md5 for password hashing. http://php.net/manual/en/faq.passwords.php

Why are common hashing functions such as md5() and sha1() unsuitable for passwords?

Hashing algorithms such as MD5, SHA1 and SHA256 are designed to be very fast and efficient. With modern techniques and computer equipment, it has become trivial to "brute force" the output of these algorithms, in order to determine the original input. Because of how quickly a modern computer can "reverse" these hashing algorithms, many security professionals strongly suggest against their use for password hashing.

Yes, you're right, just solve. that mistake that I said. Thankful

did you change it where the user is created, where the password initially gets encrypted with bcrypt() and stored in the db

???

Yes, But I enter the password incorrectly, I see this error...

Show your code where the user gets created, like where they sign up...

And you probably get that error because you use firstOrFail(). If it doesn't find the user where the email and password match, it fails, so if you're entering the wrong password, that's why.

Do you mean LoginController.php file?

No, the user doesn't get created there... It would be the RegisterController where it creates the user and saves them in the database when they sign up...

Ok, What to use instead of firstOrFail()?

public function register(Request $request)
{
    if ($request->hasFile('image')) {
        $fileNameWithExt = $request->file('image')->getClientOriginalName();
        $filename = pathinfo($fileNameWithExt, PATHINFO_FILENAME);
        $extention = $request->file('image')->getClientOriginalExtension();
        $fileNameToStore = $filename.'_'.time().'.'.$extention;
        $path = $request->file('image')->storeAs('public/images', $fileNameToStore);
    } else {
        $fileNameToStore = 'noimage.jpg';
    }

    $user = new User();
    $user->first_name = $request->firstname;
    $user->last_name = $request->lastname;
    $user->email = $request->email;
    $user->password = md5($request->password);
    $user->mobile = $request->mobile;
    $user->national_code = $request->nasional_code;
    $user->birth_date = $request->birthdate;
    $user->document = $request->document;
    $user->educational = $request->educational;
    $user->gender = $request->gender;
    $user->side = $request->side;
    $user->image = $fileNameToStore;
    $user->save();
    return redirect('/');
}

I don't know what YOU want to do. What do you want it to do when it can't find the user when they try to login? The default auth system redirects back to the form and displays the error messages, just like with all forms.

Obviously if it can't find the user, you can't do Auth::login($user); as $user will be null.