如何验证密码以检查它是否与数据库中的密码相同？

Question

我在 Laravel 中有使用电子邮件和密码登录网站的登录表单。我已经进行了所有验证，除了密码之外一切正常。当我输入错误的密码时，它会进入空白页，我想在密码字段下写一些错误。我看了同样的：密码验证，但它不起作用。任何帮助表示赞赏。这是我的代码。

登录控制器.php

public function login(Request $request)
{
    $rules = [
        'email'    => 'required|email|exists:App\User,email', 
        'password' => 'required|alphaNum|min:5'
    ];

    $validator = Validator::make($request->all(), $rules);

    if ($validator->fails()) {
        $request->session()->put('data', $request->input());
        return redirect()->route('login')
            ->withErrors($validator->errors())
            ->withInput($request->session()->put('data', $request->input()));
    } else {
        $userData = array(
            'email'     => $request->get('email'),
            'password'  => $request->get('password')
        );
    }
    
    if (Auth::attempt($userData)) {
        return redirect()->route('dashboard');
    } else {        
        redirect()->route('login');
    }
}

login.blade.php

<div class="login-page">
    <div class="login-box">
        <div class="card mb-0">
            <div class="card-body login-card-body">
                <p class="login-box-msg font-weight-bold">Sign in to start your session</p>
                <form method="POST" class="mb-4" action="{{route('login') }}">
                    @csrf
                    <div class="input-group mb-3">
                        <input id="email" type="email" placeholder="Email" class="form-control @error('email') is-invalid @enderror" name="email" value="{{ old('email') }}" required autocomplete="email" autofocus>
                        <div class="input-group-append">
                            <div class="input-group-text">
                                <span class="fas fa-user"></span>
                            </div>
                        </div>
                        @error('email')
                        <span class="invalid-feedback" role="alert">
                            <strong>{{ $message }}</strong>
                        </span>
                        @enderror
                    </div>
                    <div class="input-group mb-3">
                        <input id="password" type="password" placeholder="Password" class="form-control @error('password') is-invalid @enderror" name="password" required autocomplete="current-password">
                        <div class="input-group-append">
                            <div class="input-group-text">
                                <span class="fas fa-eye-slash cursor-pointer" style="display: none" onclick="showPassword()"></span>
                                <span class="fas fa-eye cursor-pointer" onclick="showPassword()"></span>
                            </div>
                        </div>
                        @error('password')
                        <span class="invalid-feedback" role="alert">
                            <strong>{{ $message }}</strong>
                        </span>
                        @enderror
                    </div>
                    <div class="float-right">
                        <button type="submit" class="btn btn-primary btn-block font-weight-bold">Sign In</button>
                    </div>
                </form>
            </div>
        </div>
    </div>
</div>

Answer 1

假设您的电子邮件是unique，您首先必须获取$request->email 所在的数据库行：$user = User::where('email', $request->email)->first()

然后您可以使用以下方式进行检查：Hash::check($request->password, $user->password)

https://laravel.com/docs/7.x/hashing

@编辑

要将其添加到规则中，您必须创建一个规则类：php artisan make:rule myRuleName 之后你会这样称呼它：

$rules = [
        'email'    => 'required|email|exists:App\User,email', 
        'password' => ['required','alphaNum','min:5', new myRuleName()],
    ];

在您的自定义规则类中，您会找到一个passes($attribute, $value)function。 现在你可以将我上面写的代码插入到这个方法中。您必须将 $request->password 替换为 $value