Laravel 5.4 error messages displays inappropriate field

2
votes

I am using laravel 5.4 make:auth. In the login page,I enter a valid email address and wrong password.The error message displays "These credentials do not match our records" highlighting the Email address field instead of password field. Login page with wrong password entered

have a entry in user table.valid email in usertable

I know that, the custom error messages displayed from resources\lang\en\auth.php 'failed' => 'These credentials do not match our records.', 'throttle' => 'Too many login attempts. Please try again in :seconds seconds.',

No changes done in form login.blade.php and registercontroller.php

Why is it highlighting the email address box instead of password box and throwing error there.

2
phplaravelauthenticationloginlaravel-5.4
The idea is to prevent from spamming so they wont know what field is invalid.usrNotFound

2 Answers

0
votes

If you read the error message it says "These credentials do not match our records." which is accurate. The email/password combo is incorrect. Often this is desirable because you don't want to let a would be hacker know that they have guessed the email address. It shows up on the email field because there isn't a general error for the page.

1
votes

This view doesn't have a general area for displaying all error messages, only for the form fields. The controller assigns this error to the username field so it can show up on the page. It does not know what part of the credentials were incorrect, just that the user was not able to login with them.