Laravel - I have created new users within a view however when i try to sign into their accounts, "credentials do not exist"

0
votes

I am a bit stuck.. I am new to laravel so please excuse my lack of knowledge. In my application I have 3 types of users. Admin, Instructor & Student. To begin with I created three users for these roles in my UsersTableSeeder and hashed their passwords.

As I develop my system I have created a 'create users form' that admins only have access to. However when I try to sign in with users created via this form apparently their "credentials do not exist". I am assuming this could be related to the fact that their passwords are not storing as hashed in the DB? I understand this is bad practice but I am not aware how to pass a hashed password in a view/controller. Any advice is appreciated.

create.blade.php;

<div class="form-group">
     <label class="required" for="password">Password</label>
           <input class="form-control {{ $errors->has('password') ? 'is-invalid' : '' }}" type="password" name="password" id="password" required>
               @if($errors->has('password'))
                   <div class="invalid-feedback">
                         {{ $errors->first('password') }}
                   </div>
                @endif
</div>

UsersController;

public function create()
{
    $roles = Role::all();
    $courses =Course::all();
    return view('admin.user.create', compact('roles', 'courses'));
}

I hope my image below helps you understand. The users with hashed passwords where either created via the register form or UsersTableSeeder however I need to be able to successfully create a user via the create form. enter image description here

2
phplaravelforms
You hash those passwords too.nice_dev
How can i do this in my view? @vivek_23user12989025
Why will you hash passwords in a view blade file? Best way is to make admin create users. Now, users will get an email saying click this link to verify your account and set a password.nice_dev
@vivek_23 im just trying to make basic functionality work before progressing onto this..user12989025
But you don't hash passwords in a view blade. You do it in the controller using Hash::make('your password text'); like how you did for other users.nice_dev

2 Answers

1
votes

You will need to hash the passwords. That is most likely your issue. So, in your controller method, you will need something like this...

$user = new User;
$user->name = 'user';
$user->email = '[email protected];
$user->password = Hash::make('password');
$user->save();

If you have any custom fields, follow the same principle with each of them.

0
votes

you are correct - the unhashed passwords will cause you a lot of problems. The easiest fix is simply to hash the passwords when creating the users. There is a facade for hashing built into laravel so on create: 

$hashedPassword = Hash::make($request->request->get('password'))
$user = User::create($request->all());
User::where('email', $user->email)->update(['password' => $hashedPassword]);

Please note this code is ripped from an api I wrote a while back where a request was sent to the server with the parameters needed to create a user (think it was just email/password). But yeah essentially the steps are:

1) Create hashed password using the Hash facade and the plaintext password

2) Create your user

3) Immediately update your user with the hashed password.

This means you can also use Hash::check() method when users are logging in: 

        if (Hash::check($request->input('password'), User::where('email', $request->input('email'))->first()->password)) {
            // success, user logs in 
        } else {
            $msg = ['error' => true, 'message' => 'Incorrect password'];

            return response()->json($msg, 200);
        }

Hope this helps!