How to compare a string password with laravel Encrypted Password

Mohammed picture Mohammed · Jun 22, 2017 · Viewed 10.7k times · Source

I Had first created a Web Application in Laravel.Now I am working on its mobile Application using Ionic Frame work.

While working with laravel, laravel convert the password to its encryption. Now while working on integration of API in Ionic with Laravel, with login functionality I am facing an issue that, How can I a compare the password entered through Mobile App with the encrypted password in laravel table.

If its would have been web App then its working fine, but for API integration I am facing this issue. Please Help me

Answer

doncadavona picture doncadavona · Jun 22, 2017

2 ways:

1.

$hashedPassword = User::find(1)->password;

if (Hash::check('plain-text-password', $hashedPassword)) {
    // The passwords match...
}
$hashedPassword = User::find(1)->password;

if (Hash::make('plain-text-password') === $hashedPassword) {
  // The passwords match...
}

However, as the official documentation says, and as a pro-DRY (Don't Repeat Yourself) approach, if you are using the LoginController included with Laravel, you will probably not need to use these 2 ways directly, as it automatically does the first way already.

Ref: https://laravel.com/docs/5.4/hashing

IMPORTANT UPDATE

The second way posted here does not work because Laravel uses bcrypt, which generates random a salt on each hash; making each hash different from the original hashed password in the the database. Use the first way instead. You may also read Where are laravel password salts stored?.