1

我想在 laravel 4 中自定义我的登录名,usernameusername所做email的是:

public static function custom_login($uname,$pwd)
{
    $res = DB::select("select * from users where (username = ? or email = ?) and password = ? and active = 1",array($uname,$uname,$pwd));
            return $res;
}

现在,我们都知道密码是经过哈希处理的,因此您无法使用password = ?. 如果密码正确,如何检查密码?

4

6 回答 6

8

我同意这里的人的原则,但我会使用Eloqunet,以防表名将来更改。

$user = User::whereRaw('email = ? OR username = ?', array('value', 'value'))->first();

if ( ! $user) {
    return false;
}

if (Hash::check('password', $user->password)) {
    // The passwords match, log in the user
    Auth::loginUsingId( $user->id );
}

我是即时编写代码的,如果出现任何语法错误,请见谅。

于 2013-07-19T10:36:07.117 回答
1

您首先需要从数据库中获取密码。然后做Hash::check($pwd, $theDatabasepassword)看看是否匹配。

于 2013-07-19T04:33:07.727 回答
0

这是我对用户名或电子邮件登录的看法:

$input = Input::all();
$remember = (isset($input['remember'])) ? true : null;
$rules = array('email_or_username' => 'required', 'password' => 'required');
$validator = Validator::make($input, $rules);

if ($validator->fails())
{
    return Redirect::back()->withErrors($validator)->withInput();
}

// get model based on username_or_email, returns null if not present
$user = User::where('email', $input['email_or_username'])->orWhere('username', $input['email_or_username'])->first();

if(!$user) {
    $attempt = false;
} else {
    $attempt = Auth::attempt(array('email' => $user->email, 'password' => $input['password']),$remember);
}       

if($attempt) {
    return Redirect::intended('/')->with(array('flash_message' => 'Successfully logged into ' . Lang::get('site.general.title') . '!', 'flash_type' => 'success') ); 
}

return Redirect::back()->with(array('flash_message' => 'Invalid credentials, please try again', 'flash_type' =>'danger'))->withInput();
于 2013-11-11T18:08:21.657 回答
0

我给你一个指导方针。

1. get the hashed pass from DB with respect to the username or email

2. Hash::check() to see if it matches. This function returns a boolean value. 

3. if it passes, login the user.

注册时,使用 对密码进行哈希处理Hash::make()

于 2013-07-19T05:04:57.993 回答
0

在数据库查询之前,您可以散列密码变量。像这样的东西:

......
$pwd = do_hash($pwd);//do_hash is the hash function name 
$res = DB::select("select * from users where (username = ? or email = ?) and password = ? and active = 1",array($uname,$uname,$pwd));
        return $res;
......
于 2013-07-19T04:47:37.297 回答
0

您可以使用

$password = Hash::make($password);

函数获取密码的哈希,然后检查它

于 2013-07-19T04:52:01.663 回答