如何更改/自定义密码字段名称Laravel 4和5 Laravel用户认证 [英] How to change / Custom password field name for Laravel 4 and Laravel 5 user authentication

问题描述

我想使用Laravel身份验证时更改数据库的密码字段。我希望我在用户列表中有名称 passwd文件，而不是密码。我试图运行是这样的：

 验证::尝试（阵列（
    'USER_NAME'=＆GT; '管理员'，
    'passwd文件'=＆GT; hardpass'，
））;
 

，但它不工作。

我也试过在用户模型下面的函数添加：

 公共职能getAuthPassword（）{
    返回$这个 - ＆GT; passwd文件;
}
 

但它也改变不了什么。用户仍然没有得到验证。是否有可能在Laravel在数据库中更改密码的字段名？

解决方案

信息

您可以在数据库中轻松更改所有其他领域，并利用它们进行身份验证。唯一的问题是与密码字段。

在事实上密码字段是在Laravel某种方式硬codeD（但不是这样，许多人认为），所以你不能仅仅通过数组作为​​你传递你的问题。

如果你传递数组尝试（也可能是其他身份验证功能，如验证或<$ C $默认C>曾经）如果你这样做是这样的：

 验证::尝试（阵列（
    'USER_NAME'=＆GT; '管理员'，
    '密码'=＆GT; hardpass'，
））;
 

默认雄辩驱动程序将运行下面的查询：

 从`users`选择*其中`user_name` ='管理员'限制1;
 

从数据库中获取这些数据会比较你与已创建用户对象密码财产给了密码后。

但如果你只是使用：

 验证::尝试（阵列（
    'USER_NAME'=＆GT; '管理员'，
    'passwd文件'=＆GT; hardpass'，
））;
 

下面的查询将运行：

 从`users`选择*其中`user_name` ='管理'和'passwd` ='hardpass限制1;
 

和没有用户将在数据库中找到（在 passwd文件您存储哈希密码）。这是因为，从雄辩的查询中删除密码，但使用其它任何数据来运行查询。此外，如果你试图在这里使用'passwd文件'=＆GT;哈希：使（$数据['密码']）虽然用户会发现，在比较的密码将无法工作。

解决方案

解决方案是很容易的。你需要运行验证::尝试是这样的：

 验证::尝试（阵列（
    'USER_NAME'=＆GT; '管理员'，
    '密码'=＆GT; hardpass'，
））;
 

如你所见，你仍然可以通过密码为重点（虽然此列不退出在用户表）因为只有这样，雄辩的驱动程序将不能用于构建查询。

在用户模式（应用程序/模型/ user.php的）的文件，你需要添加的功能

现在

 公共职能getAuthPassword（）{
    返回$这个 - ＆GT; passwd文件;
}
 

当你看到你这里真的存在于数据库中的列中使用 passwd文件。

使用这种方式你可以有密码命名为任何你想要的列，你仍然可以使用默认雄辩的驱动。

的样本数据来测试

我已经创建了非常简单的测试吧。

您只需要更换你的应用程序/ routes.php文件通过以下文件：

 路线::得到（'/'，函数（）{    如果（AUTH ::检查（））{
        回声我的身份登录。验证用户::（） -  GT; USER_NAME。 ＆LT; BR /＆gt;中;
        回声＆LT; A HREF ='/注销'＆GT;注销＆LT; / A＆gt;中;
    }其他{
        回声我不是上述＆lt记录; BR /＆gt;中;
        验证::尝试（阵列（
            'USER_NAME'=＆GT; '管理员'，
            '密码'=＆GT; hardpass'，
        ））;
        如果（AUTH ::检查（））{
            回声现在我的身份登录。验证用户::（） -  GT; USER_NAME。 ＆LT; BR /＆gt;中;
            回声＆LT; A HREF ='/注销'＆GT;注销＆LT; / A＆gt;中;
        }其他{
            回声我还没有上述＆lt记录; BR /＆gt;中;
        }
    }
}）;路线::得到（'/注销'，函数（）{
    验证::注销（）;
    返回您已被注销;
}）;
路线::得到（'/ DB'，函数（）{    如果（！架构:: hasTable（用户））{
        模式：创建（用户，函数（$表）{
            $表 - ＆GT;发动机='InnoDB的';
            $表 - ＆GT;的增量（'身份证'）;
            $表 - ＆GT;字符串（'USER_NAME'，60） -  GT;唯一的（）;
            $表 - ＆GT;字符串（'passwd文件'，256）;
            $表 - ＆GT; rememberToken（）;
            $表 - ＆GT;时间戳（）;
        }）;        DB：表（用户） -  GT;插入（
            [
                [
                    'USER_NAME'=＆GT; '管理员'，
                    'passwd文件'=＆GT;哈希::让（'hardpass'），
                ]
            ]
        ）;
    }    回声表用户已创建;
}）;
 

1. 创建于应用程序/配置/ database.php中空数据库，然后设置连接数据


2. 现在，你可以运行 / DB URL，例如的http：//本地主机/命名为yourprojectname / DB 只是为了创造用户表。


3. 现在，你可以运行 / URL，例如的http：//本地主机/命名为yourprojectname / - 正如你看到的用户在即使在用户登录表中的数据库没有任何密码列（认证数据因为没有任何形式，但当然在实际应用中，你将添加的话）的字符串传递。您可以一次运行这个网址更多的时间 - 当你看到用户仍然处于登录状态，因此按预期工作


4. 如果您点击注销链接，你将被注销

Laravel 5变更为上述

本溶液中Larave 4.2.9（如上一切）以及在Laravel 5.测试在Laravel5一切正常相同，但您在不同的路径需要当然编辑文件：

1. 用户模式在应用程序/ user.php的文件


2. 路线是应用程序/ HTTP / routes.php文件文件


3. 数据库配置文件是在的config / database.php中文件

I would like to change password field in database when using Laravel authentication. I want my column in users table has name passwd and not password. I tried to run something like this:

Auth::attempt(array(
    'user_name' => 'admin',
    'passwd' => 'hardpass',
));

but it doesn't work.

I also tried to add in User model the following function:

public function getAuthPassword() {
    return $this->passwd;
}

but it also changes nothing. User is still not being authenticated. Is it possible in Laravel to change password field name in database ?

解决方案

Information

You can change easy all other fields in database and use them for authentication. The only problem is with password field.

In fact password field is in some way hard coded in Laravel (but not the way many think) so you cannot just pass array as you passed in your question.

By default if you pass array to attempt (and probably other Auth functions like validate or once) if you do it this way:

Auth::attempt(array(
    'user_name' => 'admin',
    'password' => 'hardpass',
));

default Eloquent driver will run the following query:

select * from `users` where `user_name` = 'admin' limit 1;

After getting this data from database it will compare password you gave with password property for User object that was created.

But if you simply use:

Auth::attempt(array(
    'user_name' => 'admin',
    'passwd' => 'hardpass',
));

the following query will be run:

select * from `users` where `user_name` = 'admin' and `passwd` = 'hardpass' limit 1;

and no user will be found in database (in passwd you store hashed password). This is because Eloquent removes from query password but use any other data to run query. Also if you try here to use 'passwd' => Hash:make($data['password']) although user will be found, comparing password won't work.

Solution

Solution is quite easy. You need to run Auth::attempt like this:

Auth::attempt(array(
    'user_name' => 'admin',
    'password' => 'hardpass',
));

As you see you still pass password as key (although this column doesn't exits in users table) because only this way Eloquent driver won't use it for building query.

Now in User model (app/models/User.php) file you need to add the following function:

public function getAuthPassword() {
    return $this->passwd;
}

As you see you use here the column that really exists in database: passwd.

Using it this way you can have column with password named anything you want and you can still use default Eloquent driver for it.

Sample data to test

I've created very simple test for it.

You just need to replace your app/routes.php file with the following:

Route::get('/', function () {

    if (Auth::check()) {
        echo "I'm logged in as " . Auth::user()->user_name . "<br />";
        echo "<a href='/logout'>Log out</a>";
    } else {
        echo "I'm NOT logged in<br />";


        Auth::attempt(array(
            'user_name' => 'admin',
            'password'  => 'hardpass',
        ));


        if (Auth::check()) {
            echo "Now I'm logged in as " . Auth::user()->user_name . "<br />";
            echo "<a href='/logout'>Log out</a>";
        } else {
            echo "I'm still NOT logged in<br />";
        }
    }


});

Route::get('/logout', function () {
    Auth::logout();
    return "You have been logged out";
});


Route::get('/db', function () {

    if (!Schema::hasTable('users')) {


        Schema::create('users', function ($table) {
            $table->engine = 'InnoDB';
            $table->increments('id');
            $table->string('user_name', 60)->unique();
            $table->string('passwd', 256);
            $table->rememberToken();
            $table->timestamps();
        });

        DB::table('users')->insert(
            [
                [
                    'user_name' => 'admin',
                    'passwd'    => Hash::make('hardpass'),
                ]
            ]
        );
    }

    echo "Table users has been created";
});

1. Create empty database and set connection data in app/config/database.php
2. Now you can run /db url for example http://localhost/yourprojectname/db just to create users table.
3. Now you can run / url for example http://localhost/yourprojectname/ - as you see user is logged in even if in users table in database you don't have any password column (data for authentication has been passed as strings without any forms but of course in real application you will add them) . You can run this url once more time - as you see user is still logged so it is working as expected.
4. If you click on Log out link, you will be logged out

Laravel 5 changes for above

This solution was tested in Larave 4.2.9 (everything as above) and also in Laravel 5. In Laravel5 everything works the same but you need of course edit files in different paths:

1. User model is in app/User.php file
2. routes are in app/Http/routes.php file
3. Database config file is in config/database.php file

这篇关于如何更改/自定义密码字段名称Laravel 4和5 Laravel用户认证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！