Laravel Auth - 使用 md5 而不是集成的 Hash::make() [英] Laravel Auth - use md5 instead of the integrated Hash::make()

问题描述

所以，我要为我的网站切换到 Laravel.我的旧网站目前拥有大约 500 个用户.每个用户都有一个附加到他们的 md5 哈希，作为密码(废话^^).

So, I'm switching over to laravel for my site. My old site currently holds around 500 users. Each user has a md5 hash attached to them, as the password (duh ^^).

当我切换到 Laravel 时，我希望使用 Auth::attempt不幸的是，它使用自己的方法来散列密码字符串.我不希望我的所有用户都更改他们的密码，因为我要切换到 Laravel，是否可以让 Auth 类使用 md5，这样我的用户就不必切换密码了?:)

As I'm switching over to laravel, I wish to use the Auth::attempt unfortunately it uses its own method to hash password strings. I don't want all my users to change their password, because I'm switching to laravel, is it possible to make the Auth class use md5 instead, so my users don't have to switch password? :)

如果是，有人可以告诉我怎么做吗?

If yes, can someone show me how?

推荐答案

MD5 已经过时了.我建议你不要试图保留它.相反，当用户第一次登录并且 Auth::attempt 失败时，您应该尝试将他们的密码与数据库作为 MD5 进行比较

MD5 is horribly outdated. I recommend that you don't try to keep it. Instead, when a user first logs in, and Auth::attempt fails, you should then try to compare their password to the database as MD5

$user = User::where('username', '=', Input::get('username'))->first();

if(isset($user)) {
    if($user->password == md5(Input::get('password'))) { // If their password is still MD5
        $user->password = Hash::make(Input::get('password')); // Convert to new format
        $user->save();
        Auth::login(Input::get('username'));
    }
}

这篇关于Laravel Auth - 使用 md5 而不是集成的 Hash::make()的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！