Why is the password not correct with this method of creating a user?

M

maks789452021-04-08 08:59:10

Laravel

maks78945, 2021-04-08 08:59:10

Good afternoon, I need to register such a user when filling in the data in the form, there are no problems with this, but I had a problem that if I create a user in this way:

$pass = Str::random(10);

        $user['company_id']     = $company->id;
        $user['name']           = $company->contact;
        $user['surname']        = 'Admin';
        $user['phone']          = $company->phone;
        $user['email']          = $company->email;
        $user['password']       = bcrypt($pass);

        $item = new User($user);
        $item->save();

I can't log in with this data, I tried to change the way the user writes to the table to this one:

$pass = Str::random(10);

        User::insert([
            'company_id'    => $company->id,
            'name'		    => $company->contact,
            'surname'	    => 'Admin',
            'email'		    => $company->email,
            'phone'         => $company->phone,
            'password'	    => bcrypt($pass),
        ]);

And everything worked for me, tell me what's wrong with the first method?

Reply

Answer the question

In order to leave comments, you need to log in

1 answer(s)

A

Alexey Ukolov, 2021-04-08
@maks78945

The second method inserts the value directly into the database, bypassing Eloquent.
And this means that the problem is in the double hashing of the password - first you pass the hashed value to the attribute, and somewhere inside the model there is also a setter that re-hashes what was passed. Such a setter was in the old versions out of the box, in the new ones it was removed (or vice versa, I don’t remember).
I do not recommend using the second method, since you lose half of the framework's capabilities in this way, it's better to deal with the first one.