猿问

将数据库中的普通密码转换为Laravel加密密码

我有一个名为“users”的表,其中我有来自用户的用户名和密码。

密码为纯文本格式。现在,我使用Laravel 6.0和Auth创建了一个新网站。

因此,如果用户想要登录我的网站,我需要将我的密码纯文本转换为加密的新密码。

我如何从我的身份验证中获取“盐”,以及从我的普通密码和“盐”中获取加密密码的工具。原因是因为我在users表中创建了一个新列,因此我想将使用查询加密的密码放在那里。

运行change_command


波斯汪
浏览 112回答 2
2回答

白猪掌柜的

Laravel立面提供安全的Bcrypt和Argon2哈希来存储用户密码。Hash$password = Hash::make('plain-text-password');该函数使用 Bcrypt 对给定值进行哈希处理。您可以将其用作立面的替代方案:bcryptHash$password = bcrypt('plain-text-password');我如何从我的身份验证中获取“盐”,以及从我的普通密码和“盐”中获取加密密码的工具。根据哈希验证密码该方法允许您验证给定的纯文本字符串是否与给定的哈希相对应。checkif (Hash::check('plain-text-password', $hashedPassword)) {&nbsp; &nbsp; // The passwords match...}更新您可以使用 Command 或创建路由来更改现有客户的“纯文本”密码。创建命令应用程序/控制台/命令/更改密码.php<?phpnamespace App\Console\Commands;use App\User;use Illuminate\Console\Command;use Illuminate\Support\Facades\Hash;class ChangePassword extends Command{&nbsp; &nbsp; /**&nbsp; &nbsp; &nbsp;* The name and signature of the console command.&nbsp; &nbsp; &nbsp;*&nbsp; &nbsp; &nbsp;* @var string&nbsp; &nbsp; &nbsp;*/&nbsp; &nbsp; protected $signature = 'change-password';&nbsp; &nbsp; /**&nbsp; &nbsp; &nbsp;* The console command description.&nbsp; &nbsp; &nbsp;*&nbsp; &nbsp; &nbsp;* @var string&nbsp; &nbsp; &nbsp;*/&nbsp; &nbsp; protected $description = 'Plain-text password changer';&nbsp; &nbsp; /**&nbsp; &nbsp; &nbsp;* Create a new command instance.&nbsp; &nbsp; &nbsp;*&nbsp; &nbsp; &nbsp;* @return void&nbsp; &nbsp; &nbsp;*/&nbsp; &nbsp; public function __construct()&nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; parent::__construct();&nbsp; &nbsp; }&nbsp; &nbsp; /**&nbsp; &nbsp; &nbsp;* Execute the console command.&nbsp; &nbsp; &nbsp;*&nbsp; &nbsp; &nbsp;* @return mixed&nbsp; &nbsp; &nbsp;*/&nbsp; &nbsp; public function handle()&nbsp; &nbsp; {&nbsp; &nbsp; &nbsp; &nbsp; $users = User::get();&nbsp; &nbsp; &nbsp; &nbsp; foreach ($users as $user) {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; if (Hash::needsRehash($user->password)) {&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $user->password = Hash::make($user->password);&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; $user->save();&nbsp; &nbsp; &nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; }&nbsp; &nbsp; &nbsp; &nbsp; $this->info('Done..');&nbsp; &nbsp; }}用法:php artisan change-password运行命令后,您可以尝试通过路由登录。Auth::routes()或手动对用户进行身份验证if (Auth::attempt($credentials)) {&nbsp; &nbsp; // Authentication passed...}&nbsp;

慕盖茨4494581

您必须创建一个函数来首先将数据库密码更新为加密密码。在 Web 上.php类似的东西,并在浏览器上访问 /password-updatorRoute::get('/password_updator', function() {&nbsp;$allusers = \DB::table('users')->get();&nbsp;foreach($users as $user) {&nbsp; $user->password = bcrypt($user->password);&nbsp; $user->save();}});在继续之前,请确保备份您的数据库!或者,创建一个名为“password_hashed第一个 onn 用户”表的新列,并将其更新为试验。https://laravel.com/docs/5.4/helpers#method-bcrypt
随时随地看视频慕课网APP
我要回答