laravel - Lumen, authentication attempt always returns false (jwt or auth) -
i made small api php lumen framework.
now i'm integrating jwt authentication (following tuto http://laravelista.com/json-web-token-authentication-for-lumen/) application attempt login, returns false...
it doesn't seem problem jwt
directly because token generation works login doesn't work. saw, jwt
use lumen auth::
login, sure tried login auth::attempt()
directly instead of jwtauth::attempt
, result false
too... here code:
try { $validation = $this->validate($request, [ 'email' => 'required|email', 'password' => 'required' ]); $credentials = $request->only('email', 'password'); $isauthenticated = auth::attempt($credentials) || jwtauth::attempt($credentials); $user = user::first(); $token = jwtauth::fromuser($user); $result = [ 'isauthenticated' => $isauthenticated, 'token' => $token ]; // ... catch exceptions + return $result or errors exceptions
i made search correct common mistakes kind of problems, , checked that:
- i have table named
users
- in have
password
column ,email
column (full lowercase names) - db
password
column varchar(140) and tried create , login user this:
$user = new user; $user->email = 'example@domain.com'; $user->password = hash::make('passwordexample'); $user->save(); //and login it: $userdata = array( 'email' => 'example@domain.com', 'password' => 'passwordexample'); return (string) auth::attempt($userdata));
- my auth config contains :
'driver' => env('auth_driver', 'eloquent'), 'model' => env('auth_model', 'app\models\user'), 'table' => env('auth_table', 'users'),
- my
app\models\user
modelimplements illuminate\contracts\auth\authenticatable
, useilluminate\auth\authenticatable
but no changes... 'false' ! can problem?
here framework version use (from composer.json)
"laravel/lumen-framework": "5.1.*", "vlucas/phpdotenv": "~1.0", "doctrine/dbal": "~2.3", "illuminate/mail": "^5.1", "tymon/jwt-auth": "^0.5.6", "basicit/lumen-vendor-publish": "^1.0", "illuminate/support": "5.1.25", "illuminate/routing": "5.1.25"
note : notice same password hashed twice, result not same. read, it's normal , auth knows how check hashed stored password. don't it... how check password if hashed result never same? stores salt each hash?
well... took me while figured out how login properly...
if set password without hashing :
$user = user::select('id', 'email') ->where('email', $email) ->first(); $user->password = $newpassword; $user->save();
and in db inserted, password stored encrypted...
then if try login :
$this->validate($request, [ 'email' => 'required|email|max:255', 'password' => 'required' ]); $credentials = $request->only('email', 'password'); if ( $token = jwtauth::attempt($credentials) ) ...
it works properly.
so problem hashed twice password before inserting it.
but don't understand why it's automatically hashed because saw in doc, have explicitely. if can give me reason, intersted know it.
anyway, should have used hash::needsrehash($hashed)
directly...
Comments
Post a Comment