I'm working with an old copy of a client's database and making the new Laravel app work with its existing users.
I was building and testing with my User model using the 'users' table, but I'm trying to hook it up to the 'auth_user' table. After the changes, my new users are being created correctly. The login is a problem though. The users are passing Auth::attempt($credentials) as expected, but failing when
In my LoginController...
// post to /login
public function login() {
$input = Request::all();
// Log the user in
if (Auth::attempt(['email'=>$input['username'], 'password'=>$input['password']])) {//Auth::attempt(Auth::attempt("admin", ['email' => $input['username'], 'password' => $input['password'], 'active' => 1])) {
// the user is now authenticated.
return Redirect::to('/welcome')->with('message', 'Successfully authenticated');
}
return Redirect::to('/')
->with('message', 'Login Failed: Your Login Credentials Are Invalid');
}
}
I'm definitely passing the Auth::attempt(...), but I don't think my session is being set for that user. After the redirect to /welcome, I fail the Auth::check('user')
public function welcome() {
if (!Auth::check('user')) return Redirect::to('/');
// ... Top secret stuff (no returns or redirects though)
return view('user.welcome', [
'user' => Auth::user()
// ...
]);
}
This redirects back to my login controller.
The kicker is this was all working when I was using my 'users' table instead of 'auth_user'.
Users uses id as the primary key, Auth_user uses 'uid' as the primary key. I'd love to change the uid to be id, but I have to reuse a scary number of MYSQL stored procedures that I can't change.
Relevant models:
User.php:
class User extends Model implements AuthenticatableContract,
AuthorizableContract,
CanResetPasswordContract
{
use Authenticatable, Authorizable, CanResetPassword;
public function rules($scenario = null, $id = null) {
$rules = [];
switch($scenario) {
case 'userAdd':
$rules = [
'password' => 'required|confirmed|min:6'
];
break;
case 'passwordChange':
$rules = [
'password' => 'required|confirmed|min:6'
];
break;
}
return $rules;
}
public function isValid($scenario = null) {
$validation = User::make($this->attributes, User::rules($scenario));
if($validation->passes()) return true;
$this->errors = $validation->messages();
return false;
}
/**
* The database table used by the model.
*
* #var string
*/
protected $table = 'auth_user';
/**
* The attributes that are mass assignable.
*
* #var array
*/
protected $fillable = ['username', 'name', 'password', 'email', 'expire', 'active', 'organization','role'];
/**
* The attributes excluded from the model's JSON form.
*
* #var array
*/
protected $hidden = ['password', 'remember_token'];
protected $primaryKey = 'uid';
}
Auth.php (for multiple user types -- I know, I'd rather use roles instead of separate models too)
<?php
return [
'multi' => [
'user' => [
'driver' => 'eloquent',
'model' => App\User::class,
'table' => 'auth_user'
],
'admin' => [
'driver' => 'eloquent',
'model' => App\Admin::class,
'table' => 'auth_admin'
]
],
];
I think I covered all my bases for the primary key change, but I can't get the model to pass Auth::check(). Can someone with more Laravel experience illuminate what I'm doing wrong? Thanks in advance!
This is not a complete fix. I still can't find anything to tell Laravel/Guard not to look at the ID column, so I bandaided it by adding an ID column and $user->id = $user->uid;. I'm not proud of this, but it works.
In your User.php Script you need to place this code and this code make the table to login check.
protected $table='auth_users';
In your User.php code place that protected table code in initial stage( after the class function).
Related
i'm trying to develop a multi tenant, app in laravel, with multiple DBs and subdomains, so far i'm using the default user guard for authenticating in the main domain let's say it's example.com, it works fine, i'm also using a different guard for the subdomains, registration works fine, but the login seems to be broken, it authenticates the user but if i try to Auth:user() or even redirect to a protected route it looks like the user has already logged out.
I'm using relational database as the session driver (to avoid subdomains user to modify the cookies domain and access other subdomains), the sessions seems to be stored correctly in the sessions table of the main domain, but in the subdomain every record has the user_id set as null.
Laravel 8.28.1
PHP 7.4.12
Multi tenancy by https://tenancyforlaravel.com
Here is my config/auth.php file
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
'hash' => false,
],
// this is the guard for subdomains
'collaboratore' => [
'driver' => 'session',
'provider' => 'collaboratori',
],
],
/*
|--------------------------------------------------------------------------
| User Providers
|--------------------------------------------------------------------------
*/
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Models\User::class,
],
'collaboratori' => [
'driver' => 'eloquent',
'model' => App\Models\Collaboratore::class,
],
this is my model for users in the subdomains
namespace App\Models;
use Illuminate\Database\Eloquent\Factories\HasFactory;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Notifications\Notifiable;
class Collaboratore extends Authenticatable
{
use HasFactory, Notifiable;
protected $table = 'collaboratore';
protected $guard = 'collaboratore';
public $primaryKey = 'id';
/**
* The attributes that are mass assignable.
*
* #var array
*/
protected $fillable = [
'username',
'password',
'email',
// ... other stuff ...
];
/**
* The attributes that should be hidden for arrays.
*
* #var array
*/
protected $hidden = [
'password',
'remember_token',
];
/**
* The attributes that should be cast to native types.
*
* #var array
*/
protected $casts = [
'email_verified_at' => 'datetime',
];
}
and this is my controller for users in the subdomains
public function login(Request $request )
{
// validate request
$credentials = $this->validate($request, [
'email' => 'required|email',
'password' => 'required'
]);
if ( Auth::guard('collaboratore')->attempt( $credentials ) )
{
// login successful
return redirect('/home');
}
//dd("failed");
// login failed
return $request->expectsJson()
? response([ 'message' => 'Invalid credentials', 401 ])
: redirect()->back()->withInput($request->only('email', 'remember'));
}
any help would be appreciated, i'm kinda stuck right now
From Laravel website https://laravel.com/docs/8.x/authentication#introduction
The attempt method is normally used to handle authentication attempt's
from your application's "login" form. If authentication is successful,
you should regenerate the user's session to prevent session fixation:
if (Auth::attempt($credentials)) {
$request->session()->regenerate();
return redirect()->intended('dashboard');
}
So you should add $request->session()->regenerate(); inside your if attempt.
it looks like i managed to solve his, the problem was here, i changed
public function __construct()
{
$this->middleware('guest')->except('logout');
}
to this
public function __construct()
{
$this->middleware('web');
}
and now it's working, but the session is still note being stored
I generated a different table to store users for my website. Name of the table is tblusers. I am registering new users with a controller method register(), in which i added this code
public function register(){
return User::create([
'User_Email' => 'test#example.com',
'User_UserName' => 'test#example.com',
'User_Password' => bcrypt('123'),
'User_Address' => 'ABCD....',
'User_IsActive' => 1,
'User_FullName' => 'Burhan Ahmed',
'User_AppID' => 1,
'User_IsVerified' => 1
]);
}
It adds above dummy data successfully in Database. Then i tried to login with above given credentials using below code:
dd(Auth::attempt(['User_UserName' => 'test#example.com', 'User_Password' => '123']));
But above statement always returns false, Why? Am i missing something. I tried to pass actual bcrypt code instead '123' in above array it returns the same result always. Below is my Model Class
<?php
namespace App;
use Illuminate\Notifications\Notifiable;
use Illuminate\Foundation\Auth\User as Authenticatable;
use Illuminate\Support\Facades\DB;
//class User extends Authenticatable
class User extends Authenticatable
{
use Notifiable;
protected $table = 'tblusers';
protected $primaryKey = 'User_ID';
public $timestamps = false;
/**
* The attributes that are mass assignable.
*
* #var array
*/
protected $fillable = [
'User_UserName', 'User_Email', 'User_Password', 'User_Address', 'User_FullName', 'User_IsActive', 'User_IsVerified'
];
/**
* The attributes that should be hidden for arrays.
*
* #var array
*/
protected $hidden = [
'User_Password'
];
}
I am using Laravel 5.4, i followed all the authentication steps but not matter what i pass it always return false.
if You want to Change the default table of login folow the steps
For Example You are Changing it to login_table
Step1:
change the table property in User.php (User Model)
/**
* The table associated with the model.
*
* #var string
*/
protected $table = 'login_table';
Step1:
IF YOU ARE BEGGINER
Now You need to change the table name users to login_table
IF PROJECT IS TEAM COLLBRATION MAKE THE MIGRATION WITH login_table
php artisan make:migration create_login_table_table
and add the columns available in the users table
Step3:
Now open the file app\Http\Controllers\Auth\RegisterController.php
You will find method validator as
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|string|max:255',
'email' => 'required|string|email|max:255|unique:users',
'password' => 'required|string|min:6|confirmed',
]);
}
Now You need to change unique:users to unique:login_table
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|string|max:255',
'email' => 'required|string|email|max:255|unique:login_table',
'password' => 'required|string|min:6|confirmed',
]);
}
Hope it helps and it works fine for me # Md.Sukel Ali
Comment if it not works
I have to implement login functionality in Laravel 5.2. I have successfully done so using the official Laravel documentation except that I do not know how to authenticate the user using different database table column names, namely st_usernameand st_password.
I have searched the Internet for clues but to no avail.
I don't know which class I need to use (like, use Illuminate.......) for Auth. If any one knows the answer, please let me know.
Here is my code:
Login View
#extends('layouts.app')
#section('content')
<div class="contact-bg2">
<div class="container">
<div class="booking">
<h3>Login</h3>
<div class="col-md-4 booking-form" style="margin: 0 33%;">
<form method="post" action="{{ url('/login') }}">
{!! csrf_field() !!}
<h5>USERNAME</h5>
<input type="text" name="username" value="abcuser">
<h5>PASSWORD</h5>
<input type="password" name="password" value="abcpass">
<input type="submit" value="Login">
<input type="reset" value="Reset">
</form>
</div>
</div>
</div>
</div>
<div></div>
#endsection
AuthController
namespace App\Http\Controllers\Auth;
use App\User;
use Validator;
use App\Http\Controllers\Controller;
use Illuminate\Foundation\Auth\ThrottlesLogins;
use Illuminate\Foundation\Auth\AuthenticatesAndRegistersUsers;
class AuthController extends Controller
{
use AuthenticatesAndRegistersUsers, ThrottlesLogins;
protected $redirectTo = '/home';
public function __construct()
{
$this->middleware('guest', ['except' => 'logout']);
$this->username = 'st_username';
$this->password = 'st_password';
}
protected function validator(array $data)
{
return Validator::make($data, [
'name' => 'required|max:255',
'email' => 'required|email|max:255|unique:users',
'password' => 'required|confirmed|min:6',
]);
}
Route File
Route::get('/', function () {
return view('index');
});
Route::group(['middleware' => 'web'], function () {
Route::auth();
Route::get('/home', 'HomeController#index');
});
config/auth.php
return [
'defaults' => [
'guard' => 'web',
'passwords' => 'users',
],
'guards' => [
'web' => [
'driver' => 'session',
'provider' => 'users',
],
'api' => [
'driver' => 'token',
'provider' => 'users',
],
],
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\User::class,
],
// 'users' => [
// 'driver' => 'database',
// 'table' => 'users',
// ],
],
'passwords' => [
'users' => [
'provider' => 'users',
'email' => 'auth.emails.password',
'table' => 'password_resets',
'expire' => 60,
],
],
];
I searched a lot how to customize Laravel 5.2 authorisation form and this is what is working for me 100%.
Here is from bottom to top solution.
This solution is originally from here: https://laracasts.com/discuss/channels/laravel/replacing-the-laravel-authentication-with-a-custom-authentication
but i had to make couple changes to make it work.
My web app is for the DJs so my custom column names are with 'dj_', for example name is dj_name
config/auth.php
// change this
'driver' => 'eloquent',
// to this
'driver' => 'custom',
in config/app.php add your custom provider to the list
...
'providers' => [
...
// add this on bottom of other providers
App\Providers\CustomAuthProvider::class,
...
],
Create CustomAuthProvider.php inside folder app\Providers
namespace App\Providers;
use Illuminate\Support\Facades\Auth;
use App\Providers\CustomUserProvider;
use Illuminate\Support\ServiceProvider;
class CustomAuthProvider extends ServiceProvider {
/**
* Bootstrap the application services.
*
* #return void
*/
public function boot()
{
Auth::provider('custom', function($app, array $config) {
// Return an instance of Illuminate\Contracts\Auth\UserProvider...
return new CustomUserProvider($app['custom.connection']);
});
}
/**
* Register the application services.
*
* #return void
*/
public function register()
{
//
}
}
Create CustomUserProvider.php also inside folder app\Providers
<?php
namespace App\Providers;
use App\User; use Carbon\Carbon;
use Illuminate\Auth\GenericUser;
use Illuminate\Contracts\Auth\Authenticatable;
use Illuminate\Contracts\Auth\UserProvider;
use Illuminate\Support\Facades\Hash;
use Illuminate\Support\Facades\Log;
class CustomUserProvider implements UserProvider {
/**
* Retrieve a user by their unique identifier.
*
* #param mixed $identifier
* #return \Illuminate\Contracts\Auth\Authenticatable|null
*/
public function retrieveById($identifier)
{
// TODO: Implement retrieveById() method.
$qry = User::where('dj_id','=',$identifier);
if($qry->count() >0)
{
$user = $qry->select('dj_id', 'dj_name', 'first_name', 'last_name', 'email', 'password')->first();
$attributes = array(
'id' => $user->dj_id,
'dj_name' => $user->dj_name,
'password' => $user->password,
'email' => $user->email,
'name' => $user->first_name . ' ' . $user->last_name,
);
return $user;
}
return null;
}
/**
* Retrieve a user by by their unique identifier and "remember me" token.
*
* #param mixed $identifier
* #param string $token
* #return \Illuminate\Contracts\Auth\Authenticatable|null
*/
public function retrieveByToken($identifier, $token)
{
// TODO: Implement retrieveByToken() method.
$qry = User::where('dj_id','=',$identifier)->where('remember_token','=',$token);
if($qry->count() >0)
{
$user = $qry->select('dj_id', 'dj_name', 'first_name', 'last_name', 'email', 'password')->first();
$attributes = array(
'id' => $user->dj_id,
'dj_name' => $user->dj_name,
'password' => $user->password,
'email' => $user->email,
'name' => $user->first_name . ' ' . $user->last_name,
);
return $user;
}
return null;
}
/**
* Update the "remember me" token for the given user in storage.
*
* #param \Illuminate\Contracts\Auth\Authenticatable $user
* #param string $token
* #return void
*/
public function updateRememberToken(Authenticatable $user, $token)
{
// TODO: Implement updateRememberToken() method.
$user->setRememberToken($token);
$user->save();
}
/**
* Retrieve a user by the given credentials.
*
* #param array $credentials
* #return \Illuminate\Contracts\Auth\Authenticatable|null
*/
public function retrieveByCredentials(array $credentials)
{
// TODO: Implement retrieveByCredentials() method.
$qry = User::where('email','=',$credentials['email']);
if($qry->count() > 0)
{
$user = $qry->select('dj_id','dj_name','email','password')->first();
return $user;
}
return null;
}
/**
* Validate a user against the given credentials.
*
* #param \Illuminate\Contracts\Auth\Authenticatable $user
* #param array $credentials
* #return bool
*/
public function validateCredentials(Authenticatable $user, array $credentials)
{
// TODO: Implement validateCredentials() method.
// we'll assume if a user was retrieved, it's good
// DIFFERENT THAN ORIGINAL ANSWER
if($user->email == $credentials['email'] && Hash::check($credentials['password'], $user->getAuthPassword()))//$user->getAuthPassword() == md5($credentials['password'].\Config::get('constants.SALT')))
{
//$user->last_login_time = Carbon::now();
$user->save();
return true;
}
return false;
}
}
in App/Http/Controllers/Auth/AuthController.php change all
'name' to 'dj_name' and add your custom fields if you have them...you can also change 'email' to your email column name
In Illuminate\Foundation\Auth\User.php add
protected $table = 'djs';
protected $primaryKey = 'dj_id';
In App/User.php change 'name' to 'dj_name' and add your custom fields.
For changing 'password' column to your custom column name add
public function getAuthPassword(){
return $this->custom_password_column_name;
}
Now backend is all done, so you only have to change layouts login.blade.php, register.blade.php, app.blade.php...here you only have to change 'name' to 'dj_name', email, or your custom fields...
!!! password field NEEDS to stay named password !!!
Also, to make unique email validation change AuthController.php
'custom_email_field' => 'required|email|max:255|unique:users',
to
'custom_email_field' => 'required|email|max:255|unique:custom_table_name',
Also, if you want to make custom created_at an updated_at fields change global variables in Illuminate\Database\Eloquent\Model.php
const CREATED_AT = 'dj_created_at';
const UPDATED_AT = 'dj_updated_at';
A custom Auth::attempt() doesn't work for me by changing the model in auth.php like this:
'providers' => [
'users' => [
'driver' => 'eloquent',
'model' => App\Person::class,
],
],
If I try to authenticate a Person via custom column names in Auth::attempt:
if (Auth::attempt(['persUsername' => $request->user, 'persPassword' => $request->pass])) {
return redirect()->intended('/');
}
I get the same error:
ErrorException in EloquentUserProvider.php line 112: Undefined index:
password
But I can authenticate a Person like this:
$person = Person
::where('persUsername', $request->user)
->where('persPassword', $request->pass)
->first();
if (! is_null($person)) {
if ($person->persUsername === $request->user && $person->persPassword === $request->pass) {
Auth::login($person, false);
return redirect()->intended('/');
}
}
But that's not the way it should be, I guess.
In the mentioned File (EloquentUserProvider.php), I see 'password' is hardcoded.
public function retrieveByCredentials(array $credentials)
{
$query = $this->createModel()->newQuery();
foreach ($credentials as $key => $value) {
if (! Str::contains($key, 'password')) {
$query->where($key, $value);
}
}
return $query->first();
}
public function validateCredentials(UserContract $user, array $credentials)
{
$plain = $credentials['password'];
return $this->hasher->check($plain, $user->getAuthPassword());
}
So there is actually no way to use a custom column name for passwords the easy way?
This is easy simply use the desired column names in Auth::attempt()/method like so:
if (Auth::attempt(['st_username' =>$username,'st_password' => $password])) {
// Authentication passed...
return redirect()>intended('dashboard');
}
Updated:
If you also wish to change default authentication table which is users by default or change the model name or path App\User by default, you can find these settings in config\auth.php
/*
|--------------------------------------------------------------------------
| Authentication Table
|--------------------------------------------------------------------------
|
| When using the "Database" authentication driver, we need to know which
| table should be used to retrieve your users. We have chosen a basic
| default value but you may easily change it to any table you like.
|
*/
//'table' => 'users',
'table' => 'new_tables_for_authentication',
/*
|--------------------------------------------------------------------------
| Authentication Model
|--------------------------------------------------------------------------
|
| When using the "Eloquent" authentication driver, we need to know which
| Eloquent model should be used to retrieve your users. Of course, it
| is often just the "User" model but you may use whatever you like.
|
*/
//'model' => App\User::class,
'model' => App\Models\User::class,
When i try to log in , it redirects me to www.example.com/admin/{username} but it shows a NotFoundHttpException error. Thank you in advance!
The routes.php file
Route::get('/admin', 'SessionsController#create');
Route::get('/logout', 'SessionsController#destroy');
Route::get('profile', function()
{
return "welcome! Your username is" . Auth::admin()->username;
});
Route::resource('sessions', 'SessionsController', ['only' => ['index', 'create', 'destroy', 'store']]);
here is the controller SessionsController.php
<?php
class SessionsController extends \BaseController {
/**
* Show the form for creating a new resource.
*
* #return Response
*/
public function create()
{
return View::make('admins');
}
/**
* Store a newly created resource in storage.
*
* #return Response
*/
public function store()
{
$rules = array('username' => 'required', 'password' => 'required');
$validator = Validator::make(Input::all(), $rules);
if($validator -> passes()){
$credentials = array(
'username' => Input::get('username'),
'password' => Input::get('password')
);
if(Auth::admin($credentials,true)){
$username = Input::get('username');
return Redirect::to("admin/{$username}");
} else {
return Redirect::to('/admin')->withErrors('Username or password invalid');
}
} else {
return Redirect::to('/admin')->withErrors($validator->messages());
}
}
/**
* Remove the specified resource from storage.
*
* #param int $id
* #return Response
*/
public function destroy($id)
{
Auth::logout();
return Redirect::home();
}
}
the admins.blade.php
{{Form::open(array('route' => 'sessions.store'))}}
<h1>ADMIN LOGIN </h1>
{{Form::label('username', 'Username')}}
{{Form::text('username')}}
{{Form::label('password', 'Password')}}
{{Form::password('password')}}
{{Form::submit('Login')}}
{{$errors->first()}}
{{Form::close()}}
and here is the model Admin.php
use Illuminate\Auth\UserTrait;
use Illuminate\Auth\UserInterface;
use Illuminate\Auth\Reminders\RemindableTrait;
use Illuminate\Auth\Reminders\RemindableInterface;
class Admin extends Eloquent implements UserInterface, RemindableInterface {
/**
* The attributes excluded from the model's JSON form.
*
* #var array
*/
protected $hidden = array('password', 'remember_token');
/**
* The database table used by the model.
*
* #var string
*/
protected $table = 'admins';
}
I also installed ollieread multiauth
and here is auth.php file
return array(
'multi' => array(
'admin' => array(
'driver' => 'database',
'model' => 'Admin',
'table' => 'admins'
),
'user' => array(
'driver' => 'eloquent',
'model' => 'User',
'table' => 'users'
)
),
'reminder' => array(
'email' => 'emails.auth.reminder',
'table' => 'password_reminders',
'expire' => 60,
),
);
You haven't declared any routes pointing to /admin/{username} . That's the reason it can't be found by laravel.
Here is an example:
In your route files
Route::get('/admin/{username}', 'SessionsController#getByUserName');
I strongly advice you to use named routes. They are a lot easier to manage, even if your application gets bigger.
For example
In your route files
Route::get('/admin/{username}',array('as' => 'admin.username', 'uses'=>'SessionsController#getByUserName'));
Then you can call the url that points to the certain controller either using
URL::route('admin.username')(inside views) or
Redirect::route('admin.username') (inside controller)
You can also pass variables using an array. like this
URL::route('admin.username',array($user->username))
More about routing here
Everything is ok unless authing in this code. That returns "false". This is my first try with this class I'm already beginner for laravel. I don't know that is really basic problem but I can not see the problem, that's why I ask this.
public function signupDone(){
$rules = array(
'username' => 'required|unique:users|min:5', // Minumum 5 Characters and Unique
'password' => 'required|min:8', // Password must be 8 characters, at least
'password2' => 'same:password', // Password2 must be same of password
'email' => 'required|email|unique:users' // Email must be an e-mail adress unique
);
$validation_result = Validator::make(Input::all(), $rules);
if($validation_result->fails()){
return Redirect::to('signup')->withErrors($validation_result);
}
$user = new Users;
$user->username = Input::get('username');
$user->password = Hash::make(Input::get('password'));
$user->email = Input::get('email');
if($user->save()){
if(Auth::attempt(array("username"=>$user->username, "password"=>Input::get('password')))){
return Redirect::to('/');
}
else{
return "false";
}
}
Thanks.
EDIT:
/config/auth.php
<?php
return array(
'driver' => 'eloquent',
'model' => 'Users',
'table' => 'users',
'reminder' => array(
'email' => 'emails.auth.reminder',
'table' => 'password_reminders',
'expire' => 60,
),
);
And users table:
Users Model:
<?php
use Illuminate\Auth\UserTrait;
use Illuminate\Auth\UserInterface;
use Illuminate\Auth\Reminders\RemindableTrait;
use Illuminate\Auth\Reminders\RemindableInterface;
class Users extends Eloquent implements UserInterface, RemindableInterface {
use UserTrait, RemindableTrait;
/**
* The database table used by the model.
*
* #var string
*/
protected $table = 'users';
/**
* The attributes excluded from the model's JSON form.
*
* #var array
*/
protected $hidden = array('password', 'remember_token');
}
As #user3158900 noticed correctly, your password column needs to be 60 characters long, otherwise the hash will be truncated become useless.
Still there's no need to use Auth::attempt if you know the users credentials are valid (because he just created his account).
In such cases you can just use Auth::login
if($user->save()){
Auth::login($user);
return Redirect::to('/');
}
There's no need to check if the login worked because:
You are not validating credentials
If anything drastically goes wrong an exception will be thrown
If the user for some reason doesn't get logged in without error there's still your auth filter that will redirect to a login form (I suppose)
Yes I have to change the password field to 60 varchar. But I've just noticed that, Auth::attempt returns false if username and password ok.
if (Auth::attempt(array('email' => $email, 'password' => $password)))
{
return Redirect::intended('dashboard');
}