如何更改/自定义 Laravel 4 和 Laravel 5 用户身份验证的密码字段名称 [英] How to change / Custom password field name for Laravel 4 and Laravel 5 user authentication
问题描述
我想在使用 Laravel 身份验证时更改数据库中的密码字段.我希望 users 表中的列具有名称 passwd 而不是 password.我试图运行这样的东西:
I would like to change password field in database when using Laravel authentication. I want my column in users table has name passwd and not password. I tried to run something like this:
Auth::attempt(array(
'user_name' => 'admin',
'passwd' => 'hardpass',
));
但它不起作用.
我还尝试在 User 模型中添加以下功能:
I also tried to add in User model the following function:
public function getAuthPassword() {
return $this->passwd;
}
但它也没有任何改变.用户仍未通过身份验证.Laravel 中是否可以更改数据库中的密码字段名称?
but it also changes nothing. User is still not being authenticated. Is it possible in Laravel to change password field name in database ?
推荐答案
信息
您可以轻松更改数据库中的所有其他字段并将其用于身份验证.唯一的问题是 password 字段.
事实上,password 字段在 Laravel 中以某种方式硬编码(但不是许多人认为的方式),所以你不能在你的问题中传递数组.
In fact password field is in some way hard coded in Laravel (but not the way many think) so you cannot just pass array as you passed in your question.
默认情况下,如果您将数组传递给 attempt(可能还有其他 Auth 函数,如 validate 或 once),如果您这样做:
By default if you pass array to attempt (and probably other Auth functions like validate or once) if you do it this way:
Auth::attempt(array(
'user_name' => 'admin',
'password' => 'hardpass',
));
默认的 Eloquent 驱动程序将运行以下查询:
default Eloquent driver will run the following query:
select * from `users` where `user_name` = 'admin' limit 1;
从数据库中获取此数据后,它会将您提供的密码与创建的用户对象的密码属性进行比较.
After getting this data from database it will compare password you gave with password property for User object that was created.
但如果你只是使用:
Auth::attempt(array(
'user_name' => 'admin',
'passwd' => 'hardpass',
));
将运行以下查询:
select * from `users` where `user_name` = 'admin' and `passwd` = 'hardpass' limit 1;
并且不会在数据库中找到用户(在 passwd 中存储散列密码).这是因为 Eloquent 从查询 password 中删除,但使用任何其他数据来运行查询.此外,如果您尝试在这里使用 'passwd' =>Hash:make($data['password']) 虽然会找到用户,但比较密码不起作用.
and no user will be found in database (in passwd you store hashed password). This is because Eloquent removes from query password but use any other data to run query. Also if you try here to use 'passwd' => Hash:make($data['password']) although user will be found, comparing password won't work.
解决方案很简单.你需要像这样运行 Auth::attempt:
Solution is quite easy. You need to run Auth::attempt like this:
Auth::attempt(array(
'user_name' => 'admin',
'password' => 'hardpass',
));
如您所见,您仍然将 password 作为键传递(尽管此列不会在 users 表中存在),因为只有这样 Eloquent 驱动程序才会将它用于构建查询.
As you see you still pass password as key (although this column doesn't exits in users table) because only this way Eloquent driver won't use it for building query.
现在在User模型(app/models/User.php)文件中你需要添加如下函数:
Now in User model (app/models/User.php) file you need to add the following function:
public function getAuthPassword() {
return $this->passwd;
}
如您所见,您在这里使用了数据库中真正存在的列:passwd.
As you see you use here the column that really exists in database: passwd.
通过这种方式,您可以使用密码命名任何您想要的列,并且您仍然可以使用默认的 Eloquent 驱动程序.
Using it this way you can have column with password named anything you want and you can still use default Eloquent driver for it.
我为它创建了非常简单的测试.
I've created very simple test for it.
您只需将您的 app/routes.php 文件替换为以下内容:
You just need to replace your app/routes.php file with the following:
Route::get('/', function () {
if (Auth::check()) {
echo "I'm logged in as " . Auth::user()->user_name . "<br />";
echo "<a href='/logout'>Log out</a>";
} else {
echo "I'm NOT logged in<br />";
Auth::attempt(array(
'user_name' => 'admin',
'password' => 'hardpass',
));
if (Auth::check()) {
echo "Now I'm logged in as " . Auth::user()->user_name . "<br />";
echo "<a href='/logout'>Log out</a>";
} else {
echo "I'm still NOT logged in<br />";
}
}
});
Route::get('/logout', function () {
Auth::logout();
return "You have been logged out";
});
Route::get('/db', function () {
if (!Schema::hasTable('users')) {
Schema::create('users', function ($table) {
$table->engine = 'InnoDB';
$table->increments('id');
$table->string('user_name', 60)->unique();
$table->string('passwd', 256);
$table->rememberToken();
$table->timestamps();
});
DB::table('users')->insert(
[
[
'user_name' => 'admin',
'passwd' => Hash::make('hardpass'),
]
]
);
}
echo "Table users has been created";
});
- 在
app/config/database.php中创建空数据库并设置连接数据 - 现在您可以运行
/dburl 例如http://localhost/yourprojectname/db来创建用户表. - 现在您可以运行
/url 例如http://localhost/yourprojectname/- 正如您看到的,即使在users中,用户也已登录code> 数据库中的表,您没有任何password列(用于身份验证的数据已作为字符串传递而没有任何形式,但当然在实际应用程序中您将添加它们).您可以再次运行此网址 - 正如您看到的,用户仍处于登录状态,因此它按预期工作. - 如果您点击
注销链接,您将被注销
- Create empty database and set connection data in
app/config/database.php - Now you can run
/dburl for examplehttp://localhost/yourprojectname/dbjust to create users table. - Now you can run
/url for examplehttp://localhost/yourprojectname/- as you see user is logged in even if inuserstable in database you don't have anypasswordcolumn (data for authentication has been passed as strings without any forms but of course in real application you will add them) . You can run this url once more time - as you see user is still logged so it is working as expected. - If you click on
Log outlink, you will be logged out
Laravel 5 上面的变化
此解决方案已在 Larave 4.2.9(以上所有内容)和 Laravel 5 中进行了测试.在 Laravel5 中,一切都相同,但您当然需要在不同路径下编辑文件:
Laravel 5 changes for above
This solution was tested in Larave 4.2.9 (everything as above) and also in Laravel 5. In Laravel5 everything works the same but you need of course edit files in different paths:
User模型在app/User.php文件中- 路由在
app/Http/routes.php文件中 - 数据库配置文件在
config/database.php文件中
Usermodel is inapp/User.phpfile- routes are in
app/Http/routes.phpfile - Database config file is in
config/database.phpfile
这篇关于如何更改/自定义 Laravel 4 和 Laravel 5 用户身份验证的密码字段名称的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
