How to disable laravel 5.2 password bcrypt

Question

I want to disable the laravel password bcrypt when I try to log-in like this

Auth::guard('client')->attempt(
'id' => $request['id'],
'password' => $request['password'])

But it seems to be more dificult than I thought, I know I should not do this but I temporally need to work like this, but laravel forces me to use encrypted passwords. I need to be able to use plain passwords on my database.

I been searching on internet but I cant find a solution.

Answer 1

Try extending SessionGuard and overriding function hasValidCredentials()

Create A file by name 'SessionGuardExtended' in App\CoreExtensions

use Illuminate\Auth\SessionGuard;
use Illuminate\Contracts\Auth\Authenticatable;

class SessionGuardExtended extends SessionGuard
{
    /**
     * Determine if the user matches the credentials.
     *
     * @param  mixed  $user
     * @param  array  $credentials
     * @return bool
     */
    protected function hasValidCredentials($user, $credentials)
    {
        return ! is_null($user) && $credentials['password'] == $user->getAuthPassword();
    }
}

Edit config/auth.php edit the driver and use sessionExtended

'web' => [
    'driver' => 'sessionExtended',
    'provider' => 'users',
],

In AppServiceProvider Write Code in boot function

/**
 * Bootstrap any application services.
 *
 * @return void
 */
public function boot()
{
    Auth::extend(
        'sessionExtended',
        function ($app) {
            $provider = new EloquentUserProvider($app['hash'], config('auth.providers.users.model'));
            return new SessionGuardExtended('sessionExtended', $provider, app()->make('session.store'), request());
        }
    );
}

Reference: Extending Laravel 5.2 SessionGuard

Answer 2

You can extend Illuminate\Auth\EloquentUserProvider, ie:

<?php

namespace App\Services\Auth;

use Illuminate\Auth\EloquentUserProvider as BaseUserProvider;
use Illuminate\Contracts\Auth\Authenticatable as UserContract;

class UserProvider extends BaseUserProvider {
    /**
     * Create a new database user provider.
     *
     * @param string $model
     *
     * @return void
     */
    public function __construct($model)
    {
        $this->model = $model;
    }

    /**
     * Validate a user against the given credentials.
     *
     * @param \Illuminate\Contracts\Auth\Authenticatable $user
     * @param array                                      $credentials
     *
     * @return bool
     */
    public function validateCredentials(UserContract $user, array $credentials)
    {
        $plain = $credentials['password'];

        // $matches = some method of matching $plain with $user->getAuthPassword();

        return $matches;
    }
}

Then register this in the IoC in a service provider like so:

<?php // ...

/**
 * Register the service provider.
 *
 * @return void
 */
public function register()
{
    // ...

    $this->app['auth']->extend(
        'legacy',
        function () {
            return new \Illuminate\Auth\Guard(
                new \App\Services\Auth\UserProvider(
                    $this->app['config']['auth.model']
                ),
                $this->app['session.store']
            );
        }
    );

    // ...
}

Then set your current driver to legacy in config/auth.php.

PS: You may want to include the classes in the provider,

Answer 3

You can use

Auth::guard('client')->login($user);

In this $user is an instance of Model which is implemented Illuminate\Contracts\Auth\Authenticatable contract.

In user model it is already implemented.

Maybe it will helpful