$user = User::where('email',$request['email'],'password', Crypt::decrypt($request['password']))->first();
How do I decrypt a password in laravel?
This is the error that I'm getting:
DecryptException in Encrypter.php line 144: The payload is invalid.
As mentioned, it makes little sense why you would want/need to do this, given Laravel's authentication library. However, in an effort to help, I'll make this suggestion:
I'm assuming this code is inside a controller and you're passing the request object. If so, you're using the request object incorrectly, as it's not a simple array. To obtain the values, you should be calling the input method of the request object:
$value = $request->input('password');
Docs are here.
Related
I'm using composer to install the slim-skeleton. Those built in routes work as expected. I understand how to add in my previous routes and database connections, but I've been struggling on how to add in any JWT library. I've searched and searched but I'm not finding much documentation for Slim-4 and what I've tried always seems to fail one way or another.
So for example I use composer to install tuupola/slim-jwt-auth and it says to add the following code:
$app = new Slim\App;
$app->add(new Tuupola\Middleware\JwtAuthentication([
"secret" => "supersecretkeyyoushouldnotcommittogithub"
]));
but where or how exactly do I add it to the middleware? Does it need to be added to app/middleware.php? All the documentation I read has a completely different file structure with other directories and whatnot. Once this is placed in the correct spot it looks like when a request is made without a token I should get a 401 Unauthorized response.
After that part is working I know I need to create a route to get my access token, but I'm not seeing anything about that in this library so I would assume I need another library to encode my token and return it from my request.
Once I actually get a token response and pass it in the headers for my actual request route I would assume I do something like the following
$app->get("/protected-route-name", function ($request, $response, $arguments) {
$token = $request->getAttribute("token");
// Not sure what to put next to verify the token and allow the response or display a error if there is no token or the token in invalid.
});
I'm open to firebase or any JWT library if someone has one they like and that works well, I just need some direction as I feel all the documentation is lacking.
use \Firebase\JWT\JWT;
get token
$headers = apache_request_headers();
if(isset($headers['Authorization'])){
$decoded = JWT::decode($headers['Authorization'], $publicKey, array("RS256"));
.... verify token.
}
$jwt = JWT::encode($payload, $privateKey, "RS256");
boom done.
you don't even really need to use middle ware to do this.
slim made itself way overly complex with that.
But the truth is between slim3 and slim 4, on a very basic setup, the only thing that has changed is the getBody() on the json writing.
honestly, not really sure how useful this is anymore to be honest. everything is cloudbased now. Only reason I found this is trying to figure out how to use Google Identity Platform with Slim.
Hello i need to decrypt value of cookie.
My code to create and destroy:
public function setSession($id){
Cookie::queue('userId', $id, 10000);
}
public function destroySession(){
Cookie::queue(Cookie::forget('userId'));
}
But i need to get value of cookie without encrypt.
In web request context cookies are usually automatically encrypted and decrypted by the EncryptCookies middleware. So easiest option would be just to enable this middleware (and it's enabled by default in Laravel).
If you need to decrypt any value manually, the following will do the trick:
// get the encrypter service
$encrypter = app(\Illuminate\Contracts\Encryption\Encrypter::class);
// decrypt
$decryptedString = $encrypter->decrypt($encryptedString);
Check the code of the EncryptCookies middleware to learn more about what it does internally.
By default Crypt::decrypt tries to deserialize the value, and yours is not serialized and that's why you get the error. You need to pass a second argument like:
Crypt::decrypt(Cookie::get('userId'), false);
I am developing a package where I am registering ServiceProvider and inside my class methods I am saving cookie data as this
Cookie::queue(Cookie::make('my_name', 'manash', 120));
and I am retrieving like this
Cookie::get('my_name')
but I am not getting the value as I have stored, instead it is outputting me this value
eyJpdiI6InlcL3VxNklrejlKemxLQ012T0pcL3U1QT09IiwidmFsdWUiOiJpbzRmajVEUU90YkhhdTdpeFNlcURBPT0iLCJtYWMiOiI1MTFiMTk5YjY3ZTczMzI2Nzc1MGI1Mzk3NmU1MjJhYjE3MWRhYWE2OGQ4NWE1Y2Y2NDgyZWQ1YmYxOGQ4OWU1In0=
I think it encrypted, but as per my knowledge it should be automatically decrypted when we use get method.
I am using laravel 5.3.28
What happens is that all cookies created by laravel are encrypted and signed with an authentication code.
Have you tried with the request?
Like this:
Illuminate\Http\Request
Request $request;
$request->cookie('my_name');
Check if your middleware is not triggering before Encrypt Cookie middleware
Try https://laravel.com/docs/master/encryption see if it works
Seems a little strange.
I am using CodeIgniter with Elliot Haughin's Twitter library. It's an excellent API by the way.
However, I autoload this library in "autoload.php" in the config folder and I noticed ANY URL that has "oauth_token" URL parameter is captured by this library.
For example, when I type
http://localhost/myapp/index.php/controller?oauth_token=1
Then it throws up an error
A PHP Error was encountered
Severity: Notice
Message: Trying to get property of non-object
Filename: libraries/Tweet.php
Line Number: 205
I went through the library and found that the following constructor calling a method that checks the GET parameters.
class tweetOauth extends tweetConnection {
function __construct()
{
parent::__construct();
..
..
..
$this->_checkLogin();
}
and the method "_checkLogin()" does the following
private function _checkLogin()
{
if ( isset($_GET['oauth_token']) )
{
$this->_setAccessKey($_GET['oauth_token']);
$token = $this->_getAccessToken();
$token = $token->_result;
...
...
What would be the best way to fix this?
Why do you have oauth_token in the querystring if you're not checking for a valid oauth_token?
I'm assuming at some point you want to state that a oauth_token has been set and you're just using oauth_token=1 as the parameter?
The library is set to always test against oauth_token, and it's not really a feasible tweak to do it any other way if you're autoloading it. You'd need a whitelist/blacklist of controllers (and maybe methods) it runs on, which pretty much defeats the point of autoloading.
If REALLY need to use oauth_token=1, you could just change it to
if ( isset($_GET['oauth_token']) && $_GET['oauth_token']!==1)
If you were using more than one value for oauth_token (or if your worry is that you can trigger an error by appending oauth_token=X to a URL) you could try and use a regex instead, assuming that all oauth_tokens follow a pattern (32 characters long etc).
Alternatively you could also probably just exit/return false depending on what is returned in $token = $this->_getAccessToken(). Depends what happens elsewhere in the code. Looks like returning false should just work.
I'm trying to use Zend_Soap_Client to communicate with an ASP.net web service. Here's my client call:
$client = new Zend_Soap_Client(null, array(
'location' => 'http://example.com/service.asmx',
'uri' => 'http://example.com/'
));
$user = new UserDetail();
$result = $client->UserDetails($user);
However this always gives me the error:
System.NullReferenceException: Object reference not set to an instance of an object. at Service.UserDetails(UserDetail UserDetail)
some googling revealed that this is quite a common problem. The most common solution seemed to be to pass the parameters as an array, so I tried:
$result = $client->UserDetails(array('UserDetail' => $user));
but this gave the same error. I also tried passing the params as a stdClass object, nesting the array in another with 'params' as the key, and a few other things but the error is always the same.
I have the ASP code for the web service itself, the relevant method is:
public Result UserDetails(UserDetail UserDetail) {
[some stuff]
Hashtable ht = new Hashtable();
ht = UserDetail.GenerateData();
}
the error is caused by the GenerateData() call.
I assume the UserDetails method is getting null instead of my object as the parameter, but I'm not sure how I should be calling the method, or how I can debug this further. The majority of the Zend_Soap_Client examples I've found seem to be using WSDL, which this service is not; not sure if that is relevant. Any help appreciated!
I eventually solved this with:
$userDetails = new UserDetails();
$userDetails->UserDetail = $user;
$client->UserDetails($userDetails);
it seems ASP.net expects (and returns) params to be nested in an object/array with the same name as the method being called.
If you have any possibility to change the asp.net code I'd suggest you try an implementation of the method UserDetails without parameters just to make sure that code isn't broken.
I would then create a consumer-method in asp.net, debug the http-request and see how the userdetail-object is serialized/broken down in array form. Then it's "just" a matter of creating a similar http request from php.