Laravel Hash::check() always return false
You're using the wrong argument order. It's Hash::check($input, $hash)
, not the other way around.
Short tinker example:
[1] > $pw = 123456;
// 123456
[2] > $hashed = Hash::make($pw);
// '$2y$10$xSugoyKv765TY8DsERJ2/.mPIOwLNdM5Iw1n3x1XNVymBlHNG4cX6'
[3] > Hash::check($hashed, $pw);
// false
[4] > Hash::check($pw, $hashed);
// true
Hash::check() has two parameters first one is plane password and another is hashed password. If password matched with hash it will return true.
Hash::check(normal_password,hashed_password);
Example :
Hash::check('123456a','$2y$10$.XB30GO4jn7bx7EauLrWkugIaCNGxiQCgrFTeFDeSSrGdQYd6Rneq');
I had the same issue and solved it like this:
I found that I was using the Hash::make function in my RegistrationService class and more important that I had already used the setPasswordAttribute function in my User model which were quickly forgotten:
class User extends Model implements AuthenticatableContract, AuthorizableContract
{
...
/**
* @param $value
*/
public function setPasswordAttribute($value)
{
$this->attributes['password'] = Hash::make($value);
}
}
So the password was double hashed and of course every Hash::check call was incorrect and return false.