Example Analysis of Custom Verification Process in Laravel Framework

This article describes the custom validation process of Laravel framework with an example. Share it for your reference, as follows:

First of all, you need to understand that when you open auth middleware, you actually call app/Http/Kernel. php

'auth' => \Illuminate\Auth\Middleware\Authenticate::class,

However, there is no need to dwell on this file here. Let's see what will happen after opening this verification. First of all, if you go to the controller that turns on this authentication, but you are not logged in, it will search for login route by default, so you need to set this route in the route:

Route::get('login','AnyControllerName@AnyFunctionName')->name('login');

And although name('login') It can be set or not, but it is best to add it. Then the page will jump to the page you set up for users to fill out the form, and you should also set the submission route of the form:

Route::post('login','AnyControllerName@AnyFunctionName');

In fact, since we have control here, that is, we can manually determine which controller the form is submitted to and the method under the corresponding controller, the next problem is how to make Laravel know that we are sure that the user has passed the authentication.

You can use it at this time Auth::attempt() Function, which works by passing the array you pass in, such as the following:

public function checkLogin(Request $request){
  $user_name=$request->user_name;
  $user_id=$request->user_id;
  $password=$request->password;
  Auth::attempt([
    'user_name'=>$user_name,
    'user_id'=>$user_id,
    'password'=>$password
  ]);
}

Here's the point! ! !

Among them, we use three parameters: $user_name, $user_id, $password. attempt will take the content except $password as the content of $where and search for records from the database. If the record is 0, it goes without saying that the verification fails, but when the record exists, it is necessary to match whether $password is correct.

laravel saves $password by using the function password_hash of PHP, which can calculate the hash value of the incoming value, and the function needs the second parameter, which specifies the hash processing method. The parameter in Laravel is named PASSWORD_BCRYPT, and Laravel will save the password after being processed by this function. As for how to do it, there is no chance to delve into it for the time being. )

Suppose your password is 123456, then the value you save in the database is

password_hash('123456','PASSWORD_BCRYPT')

Auth::attempt() Will send the value you submitted, do password_hash($post_password,'PASSWORD_BCRYPT') Process, and then compare it with the stored value in the database. If it is equal, the validation passes, and if it is not equal, the natural validation fails.

After verification passes, use the Auth::login(Auth::user()); You can complete the login verification of the user.

There is another knowledge point interspersed here. When you use Eloquent as the database driver, you need to create a new user class, User. php. You can use the command line to create this model, or you can directly create it manually, but note that there are problems with the new model created by the command line. Auth::attempt() Attempts to call the model, but the called class type is not Model! ! ! So when you think you have built User. php, you will report the following error:

Argument 1 passed to
Illuminate\Auth\EloquentUserProvider::validateCredentials()
must be an instance of
Illuminate\Contracts\Auth\Authenticatable,
instance of
App\User
given, called in /var/www/sample/vendor/laravel/framework/src/Illuminate/Auth/SessionGuard.php on line 379 and defined

Simply put, the parameters you passed are wrong. Here is an error demonstration:

namespace App\Model;
use Illuminate\Database\Eloquent\Model;
class User extends Model
{
}

You only need to modify the User. php model to the following form:

<?php
namespace App;
use Illuminate\Auth\Authenticatable;
use Illuminate\Database\Eloquent\Model;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Illuminate\Database\Eloquent\SoftDeletes;
class User extends Model implements AuthenticatableContract
{
  use Authenticatable, CanResetPassword;
  //  This parameter is about soft deletion. If you need soft deletion, you can add 
  // use SoftDeletes;
}

For more readers interested in Laravel related content, please check the topics on this site: "Introduction and Advanced Tutorial of Laravel Framework", "Summary of Excellent Development Framework of php", "Introduction Tutorial of php Object-Oriented Programming", "Introduction Tutorial of php+mysql Database Operation" and "Summary of Common Database Operation Skills of php"

I hope this article is helpful to the PHP programming based on Laravel framework.