Laravel 內建Auth + 客製密碼驗證規則(Laravel 11)

發表於 2024-08-21 更新於 2024-08-26 所需閱讀時間 ≈ 2 分鐘

Laravel 11 有異動許多地方，RouteServiceProvider、AuthServiceProvider… 都統一在AppServiceProvider中處理

新增一個會員的驗證機制來作為範例

config/auth.php

'guards' => [
    'web' => [
        'driver' => 'session',
        'provider' => 'users',
    ],
    'member' => [
        'driver' => 'session',
        'provider' => 'members',
    ],
],

'providers' => [
    'users' => [
        'driver' => 'eloquent',
        'model' => env('AUTH_MODEL', App\Models\User::class),
    ],

    'members' => [
        'driver' => 'member',
        'model' => App\Models\Member::class,
    ],
],

AppServiceProvider.php

public function boot(): void
{
    Auth::provider('member', function ($app, array $config) {
        return new MemberUserProvider($app['hash'], $config['model']);
    });
}

新增一個 MemberUserProvider.php 驗證

<?php

namespace App\Providers;

use Illuminate\Auth\EloquentUserProvider;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Log;

class MemberUserProvider extends EloquentUserProvider
{
    // 新舊資料為了符合，先以md5密碼驗證，再以新密碼驗證
    public function validateCredentials(Authenticatable $user, array $credentials)
    {
        $plain = $credentials['password'];

        if ($user->getAuthPassword() === md5($plain)) {
            Log::info('使用舊密碼登入');
            return true;
        }

        if (Hash::check($plain, $user->getAuthPassword())) {
            Log::info('使用新密碼登入');
            return true;
        }
        Log::info('密碼錯誤');

        return false;
    }
}

Model\Member.php
新增 Member 取的密碼 function、繼承的Class要改為 Authenticatable

use Illuminate\Foundation\Auth\User as Authenticatable;

class Member extends Authenticatable
{
    public function getAuthPassword()
    {
        return $this->attributes['password'];
    }
}