Laravel Auth - use md5 instead of the integrated Hash::make()
MD5 is horribly outdated. I recommend that you don't try to keep it.Instead, when a user first logs in, and Auth::attempt fails, you should then try to compare their password to the database as MD5
$user = User::where('username', '=', Input::get('username'))->first();if(isset($user)) { if($user->password == md5(Input::get('password'))) { // If their password is still MD5 $user->password = Hash::make(Input::get('password')); // Convert to new format $user->save(); Auth::login(Input::get('username')); }}
Don't use md5 for password hashing. Even the php manual warns against it: "Warning It is not recommended to use this function to secure passwords, due to the fast nature of this hashing algorithm.".But in your case you can use the below snippet in your project
$user = User::where([ 'login_id' => $request->login_id, 'password' => md5($request->password) ])->first(); if ($user) { Auth::login($user); return redirect()->intended('home')->withSuccess('User Signed in'); }