Laravel Auth - use md5 instead of the integrated Hash::make()

后端未结

关注

 1  475

So, I\'m switching over to laravel for my site. My old site currently holds around 500 users. Each user has a md5 hash attached to them, as the password (duh ^^).

相关标签:

1条回答

夕颜

2020-12-09 00:17

MD5 is horribly outdated. I recommend that you don't try to keep it. Instead, when a user first logs in, and Auth::attempt fails, you should then try to compare their password to the database as MD5

$user = User::where('username', '=', Input::get('username'))->first();

if(isset($user)) {
    if($user->password == md5(Input::get('password'))) { // If their password is still MD5
        $user->password = Hash::make(Input::get('password')); // Convert to new format
        $user->save();
        Auth::login(Input::get('username'));
    }
}

0 讨论(0)