Migrating users table with hashed password from old php app to new laravel app

Lose the password field as fast as you can, but if you don't want risking to lose users, you can do something like this on your auth method:

if (Auth::attempt(array('email' => Input::get('email'), 'password' => Input::get('password')))){    return Redirect::intended('dashboard');}else{    $user = User::where('email', Input::get('email'))->first();    if( $user && $user->password == md5(Input::get('password')) )    {        $user->password = Hash::make(Input::get('password'));        $user->save();        Auth::login($user->email);        return Redirect::intended('dashboard');    }}

This will basically change a password from md5 to Hash every time a user logs in.

But you really have to think about sendind a link to all your users so they change their passwords.

EDIT:

To improve security even more, according to @martinstoeckli comment, would be better to:

Hash all your current md5 passwords:

foreach(Users::all() as $user){    $user->password = Hash::make($user->password);    $user->save();}

And then use an even more cleaner method to update your passwords:

$password = Input::get('password');$email = Input::get('email');if (Auth::attempt(array('email' => $email, 'password' => $password))){    return Redirect::intended('dashboard');}elseif (Auth::attempt(array('email' => $email, 'password' => md5($password)))){    Auth::user()->password = Hash::make($password);    Auth::user()->save();    return Redirect::intended('dashboard');}