Laravel: How can I change the default Auth Password field name?

Question

I am currently working on my first laravel project and I am facing a problem.

If you have experience with laravel you probably know that by calling php artisan make:auth you will get a predefined mechanism that handles login and registration.

This mechanism is set to understand a couple of commonly used words in order to automate the whole procedure.

The problem that occurs in my case is that I am using oracle db and it won't let me have a table column with the name of password because its a system keyword and it throws errors when trying to insert a user.

So far, I have tried to change my password column to passwd and it worked in my registration form as expected. The User row was successfully inserted and my page was redirected to /home.

But when I try to logout and then relogin, I get this error telling me that my credentials are not correct:

As for my code, I have changed my RegisterController.php so that it takes username instead of email

protected function validator(array $data)
{
    return Validator::make($data, [
        'username' => 'required|max:50|unique:ECON_USERS',
        'passwd' => 'required|min:6|confirmed',
    ]);
}

protected function create(array $data)
{
    return User::create([
        'username'   => $data['username'],
        'passwd'     => bcrypt($data['passwd'])
    ]);
}

The User $fillable

protected $fillable = [
    'username', 'passwd'
];

I am guessing that Auth is trying to authenticate with email and not username or that Auth is searching for password and not passwd.

Issues like these keep me from proposing Laravel 5.4 for new project. I am struggling with the same issue. Although in my case I changed the table name and password field name and have to add bunch of other field in the custom user table. Don't know how to get the logincontroller working again using the eloquant model for User and driver. — Andy, Aug 07 '17 at 19:06

Gaurav · Accepted Answer · 2016-09-08T05:47:18.283

57

For having username instead of email, you can overwrite username() in your LoginController.php

/**
 * Get the login username to be used by the controller.
 *
 * @return string
 */
public function username()
{
    return 'username';
}

And for passwd instead of password, you can do define an accessor in your App\User.php

/**
 * Get the password for the user.
 *
 * @return string
 */
public function getAuthPassword()
{
    return $this->passwd;
}

login.blade.php : Replace email input with username but do not change the name of the input for password.

edited Sep 08 '16 at 05:47

answered Sep 08 '16 at 04:05

Gaurav

1,942
19
31

@D.Intziadis I hope username worked as well. I haven't tested that part myself. – Gaurav Sep 08 '16 at 09:29
LoginController is still not working in Laravel5.4 after changing the User Model as per answer below. I see the same error message while login as per above. Register User worked though. – Andy Aug 07 '17 at 19:13
@Andy Did you change the password column as well? – Gaurav Aug 09 '17 at 07:17
@Gaurav yes. I changed the Table name, Primary key column and password column name as well and in fact I have more column in my User table than the default users base table used in Laravel5.4. – Andy Aug 09 '17 at 20:05
@Andy I think password column name cannot be changed as that name is used statically in the framework code for checking the credentials. – Gaurav Aug 11 '17 at 04:09
1

For 5.4 you can add an accessor for password and return your custom field name. `public function getPasswordAttribute` and `return $this->myCustomPasswordName`. – lombervid Apr 02 '18 at 20:58
It also works for Laravel Breeze starter In your selected authentication model, add this code public function getAuthPassword() { return $this->[CUSTOM PASSWORD COLUMN NAME]; } – Mario Ariyanto Jun 13 '23 at 07:46

score 4 · Answer 2 · answered May 31 '17 at 14:20

4

Use this. It's work for me.

So far I have changed the User.php

public function getAuthPassword(){  
    return $this->senha;
}

and

public function setPasswordAttribute($value)
    {
        $this->attributes['password'] = bcrypt($value);
    }

Also on LoginController.php

public function username()
{
    return 'usuario';
}

answered May 31 '17 at 14:20

Fernando Aires

41
2

Why do you call bcrypt? The value should already be encrypted – ykay says Reinstate Monica Mar 25 '19 at 16:29

score 2 · Answer 3 · answered Sep 07 '16 at 16:21

In the app/Http/Controllers/Auth/LoginController override the default class by adding:

/**
 * Validate the user login request.
 *
 * @param  \Illuminate\Http\Request  $request
 * @return void
 */
protected function validateLogin(Request $request)
{
    $this->validate($request, [
        $this->username() => 'required', 'passwd' => 'required',
    ]);
}

Don't forget to add use Illuminate\Http\Request;

It could be you have to add this too to your LoginController.

/**
     * Get the needed authorization credentials from the request.
     *
     * @param  \Illuminate\Http\Request  $request
     * @return array
     */
    protected function credentials(Request $request)
    {
        return $request->only($this->username(), 'passwd');
    }

That should do it.

I had a good feeling about this but i still get wrong credentials :/ Is there any way i can log this? to search further for the problem? — D.Intziadis, Sep 07 '16 at 20:17
Sorry I just tested it and these changes does not work in Laravel5.4. — Andy, Aug 07 '17 at 19:01

score 1 · Answer 4 · answered Dec 05 '19 at 02:57

If you are using the latest version. I am returning it like the following code below for a custom password field. On my end, I am using Lumen 6.x though it would apply to current version of Laravel also.

/**
 * Get the custom password field for the user.
 *
 * @return string
 */
public function getAuthPassword()
{
    return $this->custom_password_field_here;
}

Niyaz · Answer 5 · 2019-02-22T08:21:21.200

In Laravel 5.7 beside above answer you must change EloquentUserProvider class. search in the file for 'password' word in lines (107,117, and 140) you found 'password' word and change it with new name, and this is all solustion.

In User Model add this method :

public function getAuthPassword(){
    return $this->new_password_name;
}

In LoginController add this :

protected function validateLogin(Request $request){
    $this->validate($request, [
        $this->username() => 'required',
        'new_password_name' => 'required',
    ]);
}
protected function credentials(Request $request)
{
    return $request->only($this->username(), 'new_password_name');
}
public function username()
{
    return 'new_username';//or new email name if you changed
}

In login.blade.php change id and name of html element.
In EloquentUserProvider class inside validateCredentials and retrieveByCredentials function change 'password' word with the new name.

Edit :I change EloquentUserProvider class but if you think changing laravel class is a bad practice you can create custom provider and override the retrieveByCredentials and validateCredentials functions in the custom provider.

You should never update any files in the vendor directory. So updating `EloquentUserProvider` directly is very bad practice. Don't do it. Instead create a new class that extends the user provider, override the methods you need then register the new class to replace `EloquentUserProvider` — jfadich, Feb 21 '19 at 22:26
99% of time you shouldn't change vendor codes. But in some rare case you can. You just have to setup an automatic way to change it on deployment. I remember having 2 issues with Laravel 5.0 codes and a DB Backup package that has bugs fixed only in Laravel 5.1+. So instead of loosing all time upgrading to 5.1 and after 5.7, I just hacked it. And later I upgrade to 5.7 were bugs didn't exist anymore. So thanks both of you for pointing the responsible method and to extend and override instead. And some limited server access with ftp does not conflict with vendor hacking — KeitelDOG, Mar 30 '19 at 01:35

score 0 · Answer 6 · answered May 14 '20 at 14:50

IN Custom Controller

public function login(Request $request){

    if (Auth::attempt(['email' => $request->email,'password' => $request->password], false)){

         return redirect()->intended(route('subportal.dashboard'));
    }

    return $this->sendFailedLoginResponse($request);
}

protected function validateLogin(Request $request)
{
    $this->validate($request, [
        $this->username() => 'required', 'password' => 'required',
    ]);
}

/**
 * Get the login username to be used by the controller.
 *
 * @return string
 */
public function username()
{
    return 'email';
}

In App/Users.php

public $table = "customer";
protected $primaryKey = 'cust_id';
/**
 * The attributes that are mass assignable.
 *
 * @var array
 */
protected $fillable = [
    'name', 'pass', 'email','record_date',
];

public function getAuthPassword() {
    return $this->pass;
}

score -2 · Answer 7 · answered Sep 08 '16 at 04:15

In your AuthController.php (Located in app/http/Controllers/Auth)

public function postLogin(Request $request)
{
    $this->validate($request, [
                'username' => 'required',
                'password' => 'required',
    ]);

    $credentials = ($request->only('username', 'password'));
    if ($this->auth->attempt($credentials)) {
       //do something, credentials is correct!   
    }
    return "Ops! snap! seems like you provide an invalid login credentials";

}

Laravel: How can I change the default Auth Password field name?

7 Answers7

Linked

Related