Home > Software engineering >  How to encrypt password from login input in Laravel?
How to encrypt password from login input in Laravel?

Time:11-07

I am working on a small Laravel application, the problem is with the login, it works fine, but I just found out that the password can be seen if you have the basic knowledge to inspect the request payload. I want to know how can I encrypt the password or what solution can there be for this.

Blade file:

<form role="form" method="POST" action="{{ route('Login') }}">
   @csrf

   <div >
      <div >
         <div >
            <span ><i ></i></span>
         </div>
         <input  placeholder="{{ __('Correo') }}" type="email" name="email" value="{{ old('email') }}" value="[email protected]" required autofocus>
      </div>
      @if ($errors->has('email'))
         <span  style="display: block;" role="alert">
            <strong>{{ $errors->first('email') }}</strong>
         </span>
      @endif
      </div>
      <div >
         <div >
            <div >
               <span ><i ></i></span>
            </div>
            <input  name="password" placeholder="{{ __('Contraseña') }}" type="password" required>
         </div>
           @if ($errors->has('password'))
              <span  style="display: block;" role="alert">
                  <strong>{{ $errors->first('password') }}</strong>
              </span>
           @endif
      </div>
      <div >
         <button type="submit" >{{ __('Iniciar sesión') }}  </button>
      </div>
</form>

Login controller:

public function Login(Request $request)
{
    $credentials = $this->validate(request(),[
        'email'=>'email|required|string',
        'password'=>'required|string'
    ]);

    try
    {
        if(Auth::attempt($credentials))
        {
            $roleStdClass = DB::table('users')->where('email', $credentials['email'])->select('role_idrole')->first();

            $role = current((array) $roleStdClass);

            session(['rol'=> $role]);

            $id = DB::table('users')->where('email', $credentials['email'])->select('id')->first();
            $imgRoute = DB::table('users')->where('email', $credentials['email'])->select('photo')->first(); 
            $idConvert = current((array) $id);
            $userPhoto = current((array) $imgRoute);
            session(['id'=> $idConvert]);
            session(['userEmail' => $credentials['email']]);
            session(['userPhoto' => $userPhoto]);

            if($role == 3)
            {
                return redirect()->route('main');
            }

            return redirect()->route('home');
        }
        else
        {
            return back()->withErrors(['email' => trans('auth.failed')]);
        }   

    }catch(Exception $ex)
    {
        return back()->withErrors(['email' => trans('auth.failed')]);
    }
}

I really don't know how to solve this, any help would be appreciated.

CodePudding user response:

Try it :

'password' => Hash::make($request->yourpassword)

CodePudding user response:

You need to check user once. With password you can check like this:

use Illuminate\Support\Facades\Hash;

$userValidated = DB::table('users')->where(['email' => $credentials['email'],'password'=> Hash::make($credentials['password'])])->first();

Page link:https//www.codepudding.com/Softwareengineering/601120.html

Prev:Why is Rails ignoring validation when I run create
Next:VS Code intelephense shows incorrect error: Undefined method 'save'
  • Related

About Us:  Contact Us      Terms of Service       Privacy Policy

Copyright © 2010-2023,Powered By CodePudding