My Laravel authentication works perfectly. I included password change feature. After changing the password,the login works fine for all users except the first user(uid=”1″). Only the default password hash works well for this user. For other password hashes the login attempt fails. My codes are given below:
User Controller Signin
public function postSignin() {
if (Auth::attempt(array('email'=>Input::get('email'), 'password'=>Input::get('password')))) {
return Redirect::to('users/dashboard')->with(array('message' => 'You are now logged in!', 'email' => Input::get('email')));
} else {
return Redirect::to('users/login')
->with('message', 'Your username/password combination was incorrect')
->withInput();
}
}
Table Schema
Schema::create('users', function($table)
{
$table->increments('id');
$table->string('firstname', 20);
$table->string('lastname', 20);
$table->string('email', 100)->unique();
$table->string('password', 255);
$table->string('remember_token', 255);
$table->timestamps();
});
Password Change Controller function
public function postUpass() {
$user = User::find(Input::get('uid'));
if((Input::get('password'))==(Input::get('passconf'))){
$user->password = Hash::make(trim(Input::get('password')));
$user->save();
echo "Done";
//echo Hash::make(trim(Input::get('password')));
}
else {
echo "Check Passwords Again";
}
Someone please help me with this.
I can’t comment yet, so I have to ask for your view by posting an answer. Though I would like to also suggest changing the way you are accessing the user in the postUpass function as that could easily be changed by the end user to update another user’s password.
//change this
$user = User::find(Input::get('uid'));
//to this
$user = Auth::user();
//since the user needs to be logged in
//to change their password anyway
Also, are you saying that once you post to the postUpass function you are always being returned the ‘Check passwords again’ notice?