How to validate password to check if it is the same password as in database?

I have login form in Laravel that uses email and password to log on site. I have all validation and everything works fine except for password. When I type wrong password it goes to blank page and I want to write some error beneath password field. I looked in same:password validation but it doesn’t work. Any help is appreciated. Here is my code.

LoginController.php

public function login(Request $request)
{
    $rules = [
        'email'    => 'required|email|exists:AppUser,email', 
        'password' => 'required|alphaNum|min:5'
    ];

    $validator = Validator::make($request->all(), $rules);

    if ($validator->fails()) {
        $request->session()->put('data', $request->input());
        return redirect()->route('login')
            ->withErrors($validator->errors())
            ->withInput($request->session()->put('data', $request->input()));
    } else {
        $userData = array(
            'email'     => $request->get('email'),
            'password'  => $request->get('password')
        );
    }
    
    if (Auth::attempt($userData)) {
        return redirect()->route('dashboard');
    } else {        
        redirect()->route('login');
    }
}

JavaScript
​x
 
public function login(Request $request){    $rules = [        'email'    => 'required|email|exists:AppUser,email',         'password' => 'required|alphaNum|min:5'    ];​    $validator = Validator::make($request->all(), $rules);​    if ($validator->fails()) {        $request->session()->put('data', $request->input());        return redirect()->route('login')            ->withErrors($validator->errors())            ->withInput($request->session()->put('data', $request->input()));    } else {        $userData = array(            'email'     => $request->get('email'),            'password'  => $request->get('password')        );    }        if (Auth::attempt($userData)) {        return redirect()->route('dashboard');    } else {                redirect()->route('login');    }}​

<div class="login-page">
    <div class="login-box">
        <div class="card mb-0">
            <div class="card-body login-card-body">
                <p class="login-box-msg font-weight-bold">Sign in to start your session</p>
                <form method="POST" class="mb-4" action="{{route('login') }}">
                    @csrf
                    <div class="input-group mb-3">
                        <input id="email" type="email" placeholder="Email" class="form-control @error('email') is-invalid @enderror" name="email" value="{{ old('email') }}" required autocomplete="email" autofocus>
                        <div class="input-group-append">
                            <div class="input-group-text">
                                <span class="fas fa-user"></span>
                            </div>
                        </div>
                        @error('email')
                        <span class="invalid-feedback" role="alert">
                            <strong>{{ $message }}</strong>
                        </span>
                        @enderror
                    </div>
                    <div class="input-group mb-3">
                        <input id="password" type="password" placeholder="Password" class="form-control @error('password') is-invalid @enderror" name="password" required autocomplete="current-password">
                        <div class="input-group-append">
                            <div class="input-group-text">
                                <span class="fas fa-eye-slash cursor-pointer" style="display: none" onclick="showPassword()"></span>
                                <span class="fas fa-eye cursor-pointer" onclick="showPassword()"></span>
                            </div>
                        </div>
                        @error('password')
                        <span class="invalid-feedback" role="alert">
                            <strong>{{ $message }}</strong>
                        </span>
                        @enderror
                    </div>
                    <div class="float-right">
                        <button type="submit" class="btn btn-primary btn-block font-weight-bold">Sign In</button>
                    </div>
                </form>
            </div>
        </div>
    </div>
</div>

JavaScript
 
<div class="login-page">    <div class="login-box">        <div class="card mb-0">            <div class="card-body login-card-body">                <p class="login-box-msg font-weight-bold">Sign in to start your session</p>                <form method="POST" class="mb-4" action="{{route('login') }}">                    @csrf                    <div class="input-group mb-3">                        <input id="email" type="email" placeholder="Email" class="form-control @error('email') is-invalid @enderror" name="email" value="{{ old('email') }}" required autocomplete="email" autofocus>                        <div class="input-group-append">                            <div class="input-group-text">                                <span class="fas fa-user"></span>                            </div>                        </div>                        @error('email')                        <span class="invalid-feedback" role="alert">                            <strong>{{ $message }}</strong>                        </span>                        @enderror                    </div>                    <div class="input-group mb-3">                        <input id="password" type="password" placeholder="Password" class="form-control @error('password') is-invalid @enderror" name="password" required autocomplete="current-password">                        <div class="input-group-append">                            <div class="input-group-text">                                <span class="fas fa-eye-slash cursor-pointer" style="display: none" onclick="showPassword()"></span>                                <span class="fas fa-eye cursor-pointer" onclick="showPassword()"></span>                            </div>                        </div>                        @error('password')                        <span class="invalid-feedback" role="alert">                            <strong>{{ $message }}</strong>                        </span>                        @enderror                    </div>                    <div class="float-right">                        <button type="submit" class="btn btn-primary btn-block font-weight-bold">Sign In</button>                    </div>                </form>            </div>        </div>    </div></div>​

Answer

Assuming that your email is unique, you first have to get the DB row where the $request->email is: $user = User::where('email', $request->email)->first()

You can then check it by using: Hash::check($request->password, $user->password)

https://laravel.com/docs/7.x/hashing

@edit

To add it to the rules you will have to create a Rule Class: php artisan make:rule myRuleName Afterwards you will call it like that:

$rules = [
        'email'    => 'required|email|exists:AppUser,email', 
        'password' => ['required','alphaNum','min:5', new myRuleName()],
    ];

JavaScript
 
$rules = [        'email'    => 'required|email|exists:AppUser,email',         'password' => ['required','alphaNum','min:5', new myRuleName()],    ];​

In your custom Rule Class you will find a passes($attribute, $value)function. Now you can insert the code i wrote above into this method. You will have to replace $request->password with $value

Advertisement

Answer