I can't login to my own admin account in a laravel project. I KNOW the details are correct. Using Table Plus

huangapple go评论64阅读模式
英文:

I can't login to my own admin account in a laravel project. I KNOW the details are correct. Using Table Plus

问题

我正在进行一个小项目。我有一个用于验证登录的数据库。我正在创建一个具有我的电子邮件的管理员帐户,我有标准的错误消息:

  • "未注册的电子邮件"
  • "密码或电子邮件不正确"
  • "缺少密码"
    等等

当我只输入我的电子邮件时,我的登录页面识别它并不会显示错误消息(所以我知道它正确地访问了我的数据库)。
当我输入密码时,登录页面会声明电子邮件或密码不正确。

我知道它识别了我的电子邮件,所以密码是不正确的,但我也知道它是正确的(我手动输入到我的 Table Plus 数据库中)。

下面附带了图片:(这个错误让我苦恼,非常感谢您的帮助)

首张图片是电子邮件被识别。
我的数据库条目的第二张图片。
第三张图片显示我的密码不准确。在图片中,密码是明文的,因为我正在排除故障。

英文:

I'm doing a small project. I have a database that is meant to verify logins. I'm creating an Admin Account with my own email, I have the bog-standard error messages of:

  • "Unregistered Email"
  • "Password or Email Incorrect"
  • "Missing Password"
    etc

When I enter JUST my email, my login page recognizes it and doesn't throw an error message (so I know it's accessing my database correctly).
When I enter my password, the login page declares the email or password is incorrect.

I know it's recognizing my email, so it's the password that's incorrect, but I also KNOW it's correct (I typed it manually into my Table Plus database.)

Images included below: (This bug is killing me, help would be EXTREMELY appreciated)

Email being recognized first picture.
My database entries second picture.
Third picture is showing my password not being accurate. In the picture the password is plain text, because I am trouble shooting.

答案1

得分: 1

你正在使用存储在数据库中的空密码,这是一种非常危险的方法,不建议使用。你需要对密码进行哈希处理以便进行登录。我不确定你正在使用哪种身份验证方式(ui/sanctum/breeze),但我建议你使用laravel/breeze,而不是构建自己的身份验证系统,可以参考:https://laravel.com/docs/9.x/starter-kits#breeze-and-blade

一旦安装了laravel/breeze,你可以简单地修改Blade模板以满足你的需求。

要正确存储哈希后的密码,你可以按照以下步骤进行:

用户控制器(顶部区域):

use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\Rule;

用户控制器(示例存储方法):

/**
 * Store a newly created resource in storage.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return \Illuminate\Http\Response
 */
public function store(Request $request)
{
    $data = request()->validate([
        'email' => ['required', 'email', Rule::unique('users')],
        'password' => 'required',
    ]);

    $user = new User();
    $user->password = Hash::make($request->password);
    $user->email = $request->email;
    $user->save();

    return redirect('somewhere');
}

注意: 你也可以选择使用 bcrypt($request->password) 直接加密密码,而不必使用 Hash::make();

英文:

You are using a blank password stored in the database, this is a very dangerous approach and not recommended at all, you need to hash your passwords in order to login, I'm not sure what authentication you are using (ui/sanctum/breeze) but I recommend you use laravel/breeze, instead of building your own authentication using: https://laravel.com/docs/9.x/starter-kits#breeze-and-blade

Once that is installed, you can simply modify the blade to look anyway you like it to look.


To hash a password to be stored correctly you can do the following:

User Controller (Top Area):

use Illuminate\Support\Facades\Hash;
use Illuminate\Validation\Rule;

User Controller (store method example):

/**
	* Store a newly created resource in storage.
    *
    * @param  \Illuminate\Http\Request  $request
    * @return \Illuminate\Http\Response
*/
public function store(Request $request)
{
    $data = request()->validate([
        'email' => ['required','email',Rule::unique('users')],
        'password' => 'required',
    ]);
        
    $user = new User();
		$user->password = Hash::make($request->password);
		$user->email = $request->email;
    $user->save();
        
    return redirect('somewhere');
}

Note: You may also opt for using bcrypt($request->password) to directly crypt the password without having to use Hash::make();

huangapple
  • 本文由 发表于 2023年1月6日 12:15:41
  • 转载请务必保留本文链接:https://go.coder-hub.com/75026872.html
匿名

发表评论

匿名网友

:?: :razz: :sad: :evil: :!: :smile: :oops: :grin: :eek: :shock: :???: :cool: :lol: :mad: :twisted: :roll: :wink: :idea: :arrow: :neutral: :cry: :mrgreen:

确定