How to get rid of bcrypt in laravel

Question

The reason I would like to get rid of bcrypt(for the moment,while developing) is because I'm creating an admin android app and I'm connecting it to the database .I have been having issues when I create a user from the app ,they cannot login into the webiste.The bcrypt came with the Auth installation. [![enter image description here][1]][1]

I have figured out that the issued that is causing this problem is bcrypt .I can't seemed to find a way to remove the .

I want to remove the website requiring the user to have their password being bcrypted

I have tried in RegisterController 'password' => bcrypt($data['password']) the bcrypt but that has not worked

<?php

namespace App\Http\Controllers\Auth;

use App\User;
use App\Http\Controllers\Controller;
use Illuminate\Support\Facades\Validator;
use Illuminate\Foundation\Auth\RegistersUsers;

class RegisterController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Register Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles the registration of new users as well as their
    | validation and creation. By default this controller uses a trait to
    | provide this functionality without requiring any additional code.
    |
    */

    use RegistersUsers;

    /**
     * Where to redirect users after registration.
     *
     * @var string
     */
    protected $redirectTo = '/home';

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest');
    }

    /**
     * Get a validator for an incoming registration request.
     *
     * @param  array  $data
     * @return \Illuminate\Contracts\Validation\Validator
     */
    protected function validator(array $data)
    {
        return Validator::make($data, [
            'name' => 'required|string|max:255',
            'email' => 'required|string|email|max:255|unique:users',
            'password' => 'required|string|min:6|confirmed',
        ]);
    }

    /**
     * Create a new user instance after a valid registration.
     *
     * @param  array  $data
     * @return User
     */
    protected function create(array $data)
    {
        return User::create([
            'name' => $data['name'],
            'email' => $data['email'],
            'password' => bcrypt($data['password']),
        ]);
    }
}

This LoginController.php

<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\AuthenticatesUsers;

class LoginController extends Controller
{
    /*
    |--------------------------------------------------------------------------
    | Login Controller
    |--------------------------------------------------------------------------
    |
    | This controller handles authenticating users for the application and
    | redirecting them to your home screen. The controller uses a trait
    | to conveniently provide its functionality to your applications.
    |
    */

    use AuthenticatesUsers;

    /**
     * Where to redirect users after login.
     *
     * @var string
     */
    protected $redirectTo = '/home';

    /**
     * Create a new controller instance.
     *
     * @return void
     */
    public function __construct()
    {
        $this->middleware('guest')->except('logout');
    }
}

This is my login.blade.php

@extends('layouts.app')

@section('content')
<div class="container">
    <div class="row">
        <div class="col-md-8 col-md-offset-2">
            <div class="panel panel-default">
                <div class="panel-heading">Login</div>
                <div class="panel-body">
                    <form class="form-horizontal" role="form" method="POST" action="{{ route('login') }}">
                        {{ csrf_field() }}

                        <div class="form-group{{ $errors->has('email') ? ' has-error' : '' }}">
                            <label for="email" class="col-md-4 control-label">E-Mail Address</label>

                            <div class="col-md-6">
                                <input id="email" type="email" class="form-control" name="email" value="{{ old('email') }}" required autofocus>

                                @if ($errors->has('email'))
                                    <span class="help-block">
                                        <strong>{{ $errors->first('email') }}</strong>
                                    </span>
                                @endif
                            </div>
                        </div>

                        <div class="form-group{{ $errors->has('password') ? ' has-error' : '' }}">
                            <label for="password" class="col-md-4 control-label">Password</label>

                            <div class="col-md-6">
                                <input id="password" type="password" class="form-control" name="password" required>

                                @if ($errors->has('password'))
                                    <span class="help-block">
                                        <strong>{{ $errors->first('password') }}</strong>
                                    </span>
                                @endif
                            </div>
                        </div>

                        <div class="form-group">
                            <div class="col-md-6 col-md-offset-4">
                                <div class="checkbox">
                                    <label>
                                        <input type="checkbox" name="remember" {{ old('remember') ? 'checked' : '' }}> Remember Me
                                    </label>
                                </div>
                            </div>
                        </div>

                        <div class="form-group">
                            <div class="col-md-8 col-md-offset-4">
                                <button type="submit" class="btn btn-primary">
                                    Login
                                </button>

                                <a class="btn btn-link" href="{{ route('password.request') }}">
                                    Forgot Your Password?
                                </a>
                            </div>
                        </div>
                    </form>
                </div>
            </div>
        </div>
    </div>
</div>
@endsection

Web.php

    <?php
    //use Illuminate\Http\Request;
    /*
    |--------------------------------------------------------------------------
    | Web Routes
    |--------------------------------------------------------------------------
    |
    | Here is where you can register web routes for your application. These
    | routes are loaded by the RouteServiceProvider within a group which
    | contains the "web" middleware group. Now create something great!
    |
    */

    Route::get('/', function () {
        return view('welcome');
    });

    Route::get('/test', function () {
        return Auth::user()->test();
    });

    Auth::routes();


    Route::any('/home', 'HomeController@index')->name('home');

    Route::group(['as' => 'user.'], function () {


        Route::get('/front', function () {
            return view('front');
        });
        Route::get('/settings', ['as' => 'settings', 'uses' => 'ProfileController@viewSettings']);
        Route::post('/settings', ['as' => 'settings', 'uses' => 'ProfileController@saveSettings']);
        Route::any('/profile/{userId}', ['as' => 'profile', 'uses' => 'ProfileController@viewProfile']);
        Route::get('/search/{query?}', ['as' => 'search', 'uses' => 'SearchController@search']);

        Route::get('users', function () {
            return User::find(1)->toJson();
        });

        Route::get('/chat', function () {
            return view('chat');
        });

        Route::get('/calendar', function () {
            return view('calendar');
        });

        Route::resource('events', 'EventsController', ['only' => ['index', 'store', 'update', 'destroy']]);

        //Friends route
        Route::post('/friends/request', ['as' => 'friends', 'uses' => 'FriendsController@sendRequest']);
        Route::get('/friends/viewReq', ['as' => 'friends', 'uses' => 'FriendsController@viewFriendReq']);
        Route::post('/friends/reqAction', ['as' => 'friends', 'uses' => 'FriendsController@requestAction']);


        Route::get('/status-delete/{status_id}',['uses' => 'HomeController@getDeleteStatus', 'as'=> 'status.delete',
            'middleware' =>'auth'
        ]);

        Route::get('/edit/{status_id}', 'HomeController@edit');


    });

  [1]: https://i.stack.imgur.com/BFMap.jpg

You shouldn't use `bcrypt` like that when hashing passwords. You should use `password_hash()` and `password_verify()` (which in turn can use bcrypt together with a strong salt and a cost level), which I'm quite sure Laravel has some wrappers for and uses out of the box. — M. Eriksson, Jul 24 '17 at 13:12
@MagnusEriksson it was like that when I `php artisan` it .I didn't understand what you meant ,could please clarify more on it as I m not well informed about this — Lucy, Jul 24 '17 at 13:20
You might want to look at https://stackoverflow.com/questions/20953553/how-to-have-the-same-password-compatible-with-both-java-and-php and use the same secret keys in the java implementatin as you use in laravel. — Tschallacka, Jul 24 '17 at 13:23
Actually this `bcrypt()` call is default Laravel code and is a laravel function, which will call `password_hash()` — Harry, Jul 24 '17 at 13:26
@Tschallacka You shouldn't use any "secret key" when hashing passwords. That more implies that you're actually not hashing, but rather encrypting the passwords or using some global salt. A good password is hashed with a secure unique salt (it gets a new salt each time you hash the password) and PHP's built in `password_hash()` does that for you. — M. Eriksson, Jul 24 '17 at 13:30
I use octobercms, based upon laravel and in app.php config module, there is this secret key option that is used for hashing. I asssumed laravel has the same config option, which it does https://laravel.com/docs/5.4/encryption#configuration — Tschallacka, Jul 24 '17 at 13:36
@Tschallacka Ah, that's not used for password hashing but for Laravels Crypt functions. — M. Eriksson, Jul 24 '17 at 13:46
@MagnusEriksson it seems you're right. heh, I thought they were related somehow. Thanks for letting me dig deeper :-) https://github.com/illuminate/hashing/blob/master/BcryptHasher.php — Tschallacka, Jul 24 '17 at 13:50
you must define some route for your controller method, paste that here — RAUSHAN KUMAR, Jul 24 '17 at 13:50

score 1 · Answer 1 · edited Jul 24 '17 at 13:21

1

You may hash a password by calling the make method on the Hash facade. In your RegisterController just encrypt your password as

'password' => Hash:make($data['password'])

but make sure that, you must include this to use Hash Facade

use Illuminate\Support\Facades\Hash;

After that you can use check method which allows you to verify that a given plain-text string corresponds to a given hash as

if (Hash::check($data['password'], Hash::make($data['password']))) {
    // The passwords match...
}

edited Jul 24 '17 at 13:21

Tschallacka

27,901
14
88
133

answered Jul 24 '17 at 13:13

RAUSHAN KUMAR

5,846
4
34
70

getting this `error with that code :Parse error: syntax error, unexpected ':', expecting ']'` – Lucy Jul 24 '17 at 13:18
yeah, you added `;` at the end of that, i updated my answer now – RAUSHAN KUMAR Jul 24 '17 at 13:20
That didn't work ,I created the username and password through my app with plain text password but I still was not able to login through the website ,it said wrong credentials again – Lucy Jul 24 '17 at 13:30
@Lucy How do you authenticate the user? Add that code to your question. Please let us know the full flow of your application and where it goes wrong. – M. Eriksson Jul 24 '17 at 13:31
from your app, you are calling the RegisterController create method. Am i right? – RAUSHAN KUMAR Jul 24 '17 at 13:31
@MagnusEriksson I have added some more code ,again I want to emphasize that all I did was install the Auth plugin from laravel – Lucy Jul 24 '17 at 13:44

How to get rid of bcrypt in laravel

1 Answers1