Php 验证::尝试未检查用户名和密码
routes.phpPhp 验证::尝试未检查用户名和密码,php,laravel-4,Php,Laravel 4,routes.php //form login Route::get('/', array('before' => 'guest', function() { return View::make('login'); })); // check login Route::post('login', 'HomeController@validate'); HomeController.php class HomeController extends BaseController {
//form login
Route::get('/', array('before' => 'guest', function()
{
return View::make('login');
}));
// check login
Route::post('login', 'HomeController@validate');
HomeController.php
class HomeController extends BaseController {
/*
|--------------------------------------------------------------------------
| Default Home Controller
|--------------------------------------------------------------------------
|
| You may wish to use controllers instead of, or in addition to, Closure
| based routes. That's great! Here is an example controller method to
| get you started. To route to this controller, just add the route:
|
| Route::get('/', 'HomeController@showWelcome');
|
*/
public function validate()
{
// set the remember me cookie if the user check the box
$remember = (Input::has('remember')) ? true : false;
// attempt to do the login
$email = Input::get('username');
$pass = Input::get('password');
$password = Hash::check($remember,$pass);
$credentials = array(
'username' => "'$email'",
'password' => "'$pass'"
);
$auth=Auth::attempt(array(
'username' => "'$email'",
'password' => "'$pass'",
));
if($auth) {
return 'success';
}
else {
return 'auth failed';
}
}
}
User.php
<?php
use Illuminate\Auth\UserInterface;
use Illuminate\Auth\Reminders\RemindableInterface;
class User extends Eloquent implements UserInterface, RemindableInterface {
/**
* The database table used by the model.
*
* @var string
*/
protected $table = 'users';
/**
* The attributes excluded from the model's JSON form.
*
* @var array
*/
protected $hidden = array('password');
/**
* Get the unique identifier for the user.
*
* @return mixed
*/
public function getAuthIdentifier()
{
return $this->getKey();
}
/**
* Get the password for the user.
*
* @return string
*/
public function getAuthPassword()
{
return $this->password;
}
/**
* Get the e-mail address where password reminders are sent.
*
* @return string
*/
public function getReminderEmail()
{
return $this->email;
}
public function getRememberToken()
{
return $this->remember_token;
}
public function setRememberToken($value)
{
$this->remember_token = $value;
}
public function getRememberTokenName()
{
return 'remember_token';
}
}
用户名:imron02
密码:123456通过使用hash::make我已经插入了密码
我知道有这么多用户问过这个问题,但我还是被困在了同一个问题上,每次我的身份验证失败时,您都需要从变量中删除引号$电子邮件和$pass
$auth=Auth::attempt(array
(
'username' => $email,
'password' => $pass,
)
更改此部分:
$credentials = array(
'username' => "'$email'",
'password' => "'$pass'"
);
$auth=Auth::attempt(array(
'username' => "'$email'",
'password' => "'$pass'",
));
为此:
$credentials = array(
'username' => $email,
'password' => $pass
);
$auth=Auth::attempt($credentials);
参考
但在执行此操作时,请确保表中有一个与username对应的列。我不得不提到这一点,因为您提供的用户名似乎不是电子邮件id。用户名和密码组合应该存在于相应的表中,以便进行身份验证
如果您计划使用电子邮件id作为用户名,则需要更改此行:
'username' => $email,
为此:
'email' => $email,
'username' => $email,
'email' => $email,