Fatal编程技术网
  • laravel/
  • 如何将md5密码转换为laravel加密方法

如何将md5密码转换为laravel加密方法

laravel encryption laravel-5

如何将md5密码转换为laravel加密方法,laravel,encryption,laravel-5,md5,password-encryption,Laravel,Encryption,Laravel 5,Md5,Password Encryption,我想将我现有的项目重新开发到laravel 在我的旧系统中,我将密码存储到md5中 现在我如何根据现有用户的laravel哈希方法转换它 有什么直接的方法吗?不幸的是没有 实现这一点的唯一方法是开发应用程序的新行为(用laravel编写),允许用户使用旧的md5哈希密码登录,然后强制更改密码,或者-因为您可以在登录过程中获取用户密码-通过更新登录的用户模型,使用laravels哈希方法存储密码。只有用户应该更改其密码(因为您看不到他们的密码)。因此,您应该为它们发送一个重置密码链接,然后使用La

我想将我现有的项目重新开发到laravel

在我的旧系统中,我将密码存储到md5中

现在我如何根据现有用户的laravel哈希方法转换它

有什么直接的方法吗?

不幸的是没有

实现这一点的唯一方法是开发应用程序的新行为(用laravel编写),允许用户使用旧的md5哈希密码登录,然后强制更改密码,或者-因为您可以在登录过程中获取用户密码-通过更新登录的用户模型,使用laravels哈希方法存储密码。

只有用户应该更改其密码(因为您看不到他们的密码)。因此,您应该为它们发送一个重置密码链接,然后使用Laravel哈希方法更新密码

有什么直接的方法吗

不,没有直接的方法,但是您可以通过覆盖
Auth/AuthController.php中的
postLogin
来实现这一点,因此它将检查密码是否为
md5
格式,然后使用laravel哈希方法重新加密,否则用户将正常连接,如:


public function postLogin(Request $request)
{
    $this->validate($request, [
        'login' => 'required', 'password' => 'required',
    ]);
    $credentials = $this->getCredentials($request);

    //Get the user
    $user = User::where('login', $request->login)->first();

    //If Hached by bcrypt
    if (Auth::attempt($credentials, $request->has('remember'))) 
    {
        return redirect()->intended($this->redirectPath());
    }
    else //Else if Hached by md5
    {
        if( $user && $user->password == md5($request->password) )
        {
            $user->password = Hash::make($request->password);
            $user->save();

            if($user->authorized){
                $user->save();

                Auth::login($user);
            }else
                Auth::logout();
        }
    }

    return redirect($this->loginPath())
        ->withInput($request->only('login', 'remember'))
        ->withErrors([
            'login' => $this->getFailedLoginMessage(),
        ]);
}



希望这能有所帮助。
这是我发现的最简单的解决方案,适用于Laravel 7

我发现这个的来源:

我当前使用的方法是密码方法的单列。我已经使用使用laravel迁移的密码列中的MD5哈希密码将我的老用户导入数据库。然后,它转换单个值。我使用的是Laravel提供的默认身份验证UI

与其他人提到的步骤相同,打开AuthenticatesUsers.php文件并将登录函数复制到LoginController.php中

在文件的顶部

加:

然后在登录函数中包含上述方法:


// check the md5 password and change md5 to bcrypt if the user was found
        $user = User::where('email', $request->email)
                ->where('password',md5($request->password))
                ->first();
        if (!empty($user->id)) {
            $user->password = bcrypt($request->input('password'));
            $user->save();
        }


最终文件:


<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\AuthenticatesUsers;

use Illuminate\Http\Request;

use App\User;

class LoginController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    */

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = RouteServiceProvider::HOME;

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }

    /**
     * Handle a login request to the application.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response|\Illuminate\Http\JsonResponse
     */
    public function login(Request $request)
    {
        // check the md5 password and change md5 to bcrypt if the user was found
        $user = User::where('email', $request->email)
                ->where('password',md5($request->password))
                ->first();
        if (!empty($user->id)) {
            $user->password = bcrypt($request->input('password'));
            $user->save();
        }

        $this->validateLogin($request);

        // If the class is using the ThrottlesLogins trait, we can automatically throttle
        // the login attempts for this application. We'll key this by the username and
        // the IP address of the client making these requests into this application.
        if (method_exists($this, 'hasTooManyLoginAttempts') &&
            $this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);

            return $this->sendLockoutResponse($request);
        }

        if ($this->attemptLogin($request)) {
            return $this->sendLoginResponse($request);
        }

        // If the login attempt was unsuccessful we will increment the number of attempts
        // to login and redirect the user back to the login form. Of course, when this
        // user surpasses their maximum number of attempts they will get locked out.
        $this->incrementLoginAttempts($request);

        return $this->sendFailedLoginResponse($request);
    }
}





<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use App\Providers\RouteServiceProvider;
use Illuminate\Foundation\Auth\AuthenticatesUsers;

use Illuminate\Http\Request;

use App\User;

class LoginController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    */

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = RouteServiceProvider::HOME;

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }

    /**
     * Handle a login request to the application.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return \Illuminate\Http\RedirectResponse|\Illuminate\Http\Response|\Illuminate\Http\JsonResponse
     */
    public function login(Request $request)
    {
        // check the md5 password and change md5 to bcrypt if the user was found
        $user = User::where('email', $request->email)
                ->where('password',md5($request->password))
                ->first();
        if (!empty($user->id)) {
            $user->password = bcrypt($request->input('password'));
            $user->save();
        }

        $this->validateLogin($request);

        // If the class is using the ThrottlesLogins trait, we can automatically throttle
        // the login attempts for this application. We'll key this by the username and
        // the IP address of the client making these requests into this application.
        if (method_exists($this, 'hasTooManyLoginAttempts') &&
            $this->hasTooManyLoginAttempts($request)) {
            $this->fireLockoutEvent($request);

            return $this->sendLockoutResponse($request);
        }

        if ($this->attemptLogin($request)) {
            return $this->sendLoginResponse($request);
        }

        // If the login attempt was unsuccessful we will increment the number of attempts
        // to login and redirect the user back to the login form. Of course, when this
        // user surpasses their maximum number of attempts they will get locked out.
        $this->incrementLoginAttempts($request);

        return $this->sendFailedLoginResponse($request);
    }
}