I am trying to change hashing in the laravel. So I made custom SHA256 with salt in the RegisterController. Register completed but how to change in the login?
protected function create(array $data)
{
$salt = Str::random(8);
return User::create([
'name' => $data['name'],
'email' => $data['email'],
'password' => '$SHA$' . $salt . '$' . hash('sha256', hash('sha256', $data['password']) . $salt),
]);
}
This is code of LoginController. $this->guard()->attempt($this->credentials($request))
this goes to something and hash then get token.
<?php
namespace AppHttpControllersAuth;
use IlluminateHttpRequest;
use AppHttpControllersController;
use AppExceptionsVerifyEmailException;
use IlluminateContractsAuthMustVerifyEmail;
use IlluminateValidationValidationException;
use IlluminateFoundationAuthAuthenticatesUsers;
class LoginController extends Controller
{
use AuthenticatesUsers;
/**
* Create a new controller instance.
*
* @return void
*/
public function __construct()
{
$this->middleware('guest')->except('logout');
}
/**
* Attempt to log the user into the application.
*
* @param IlluminateHttpRequest $request
* @return bool
*/
protected function attemptLogin(Request $request)
{
$token = $this->guard()->attempt($this->credentials($request));
if (! $token) {
return false;
}
$user = $this->guard()->user();
if ($user instanceof MustVerifyEmail && ! $user->hasVerifiedEmail()) {
return false;
}
$this->guard()->setToken($token);
return true;
}
/**
* Send the response after the user was authenticated.
*
* @param IlluminateHttpRequest $request
* @return IlluminateHttpJsonResponse
*/
protected function sendLoginResponse(Request $request)
{
$this->clearLoginAttempts($request);
$user = $this->guard()->user();
$token = (string) $this->guard()->getToken();
$expiration = $this->guard()->getPayload()->get('exp');
return response()->json([
'token' => $token,
'token_type' => 'bearer',
'expires_in' => $expiration - time(),
]);
}
/**
* Get the failed login response instance.
*
* @param IlluminateHttpRequest $request
* @return IlluminateHttpJsonResponse
*
* @throws IlluminateValidationValidationException
*/
protected function sendFailedLoginResponse(Request $request)
{
$user = $this->guard()->user();
if ($user instanceof MustVerifyEmail && ! $user->hasVerifiedEmail()) {
throw VerifyEmailException::forUser($user);
}
throw ValidationException::withMessages([
$this->username() => [trans('auth.failed')],
]);
}
/**
* Log the user out of the application.
*
* @param IlluminateHttpRequest $request
* @return IlluminateHttpResponse
*/
public function logout(Request $request)
{
$this->guard()->logout();
}
}