Mapping Model User authentication to Sunday English

4 weeks ago · 48b001d052
parent b3fab2a4b6
commit 48b001d052
4 changed files with 37 additions and 22 deletions
--- a/app/Auth/CustomUserProvider.php
+++ b/app/Auth/CustomUserProvider.php
@ -12,22 +12,31 @@ class CustomUserProvider extends EloquentUserProvider
        $plain = $credentials['password'];
        $hashed = $user->getAuthPassword();

+        // Check if the stored password is a bcrypt hash
        if ($this->isBcryptHash($hashed)) {
+            // Use the hasher to verify the password
            if ($this->hasher->check($plain, $hashed)) {
-                return true;
+            return true;
            }
        } else {
+            // Fallback for legacy MD5 hashes
            if (md5($plain) === $hashed) {
-                // Upgrade lên bcrypt
-                $user->password = $this->hasher->make($plain);
-                $user->save();
-                return true;
+            // Upgrade the password to bcrypt
+            $user->password = $this->hasher->make($plain);
+            $user->save();
+            return true;
            }
        }

        return false;
    }

+    /**
+     * Determine if the given hash is a bcrypt hash.
+     *
+     * @param string $hashedPassword
+     * @return bool
+     */
    protected function isBcryptHash($hashedPassword): bool
    {
        return password_get_info($hashedPassword)['algo'] === PASSWORD_BCRYPT;
--- a/app/Auth/PassportUserRepository.php
+++ b/app/Auth/PassportUserRepository.php
@ -22,26 +22,31 @@ class PassportUserRepository extends UserRepository
            return null;
        }

-        // Tránh lỗi Hash::check() với MD5
+        // Avoid Hash::check() error with non-bcrypt hashes
        if ($this->isBcryptHash($user->password)) {
            if (Hash::check($password, $user->password)) {
-                return new User($user->id);
+            return new User($user->id);
            }
        } else {
-            // Hash không phải bcrypt, kiểm tra MD5 thủ công
+            // If the hash is not bcrypt, check for MD5 manually
            if (md5($password) === $user->password) {
-                // Nâng cấp mật khẩu lên bcrypt
-                $user->password = Hash::make($password);
-                $user->save();
+            // Upgrade password to bcrypt
+            $user->password = Hash::make($password);
+            $user->save();

-                return new User($user->id);
+            return new User($user->id);
            }
        }

        return null;
    }

-    // Thêm method kiểm tra thuật toán hash
+    /**
+     * Check if the given hash uses the bcrypt algorithm.
+     *
+     * @param string $hashedPassword
+     * @return bool
+     */
    protected function isBcryptHash($hashedPassword): bool
    {
        return password_get_info($hashedPassword)['algo'] === PASSWORD_BCRYPT;
--- a/app/Providers/AuthServiceProvider.php
+++ b/app/Providers/AuthServiceProvider.php
@ -5,10 +5,10 @@ namespace App\Providers;
 use Illuminate\Foundation\Support\Providers\AuthServiceProvider as ServiceProvider;
 use Laravel\Passport\Passport;
 use League\OAuth2\Server\AuthorizationServer;
-use App\Auth\PassportUserRepository; // thêm dòng này
+use App\Auth\PassportUserRepository; // Custom Passport user repository
 use Laravel\Passport\Bridge\RefreshTokenRepository;
 use Illuminate\Support\Facades\Auth;
-use App\Auth\CustomUserProvider; // thêm dòng này
+use App\Auth\CustomUserProvider; // Custom user provider for web login
 use DateInterval;

 class AuthServiceProvider extends ServiceProvider
@ -17,23 +17,24 @@ class AuthServiceProvider extends ServiceProvider

    public function boot(): void
    {
+        // Set Passport token expiration times
        Passport::tokensExpireIn(now()->addHour());
        Passport::refreshTokensExpireIn(now()->addMonth());

-        // Đăng ký CustomUserProvider cho login web
+        // Register CustomUserProvider for web login
        Auth::provider('custom', function ($app, array $config) {
            return new CustomUserProvider($app['hash'], $config['model']);
        });

-        // Passport custom repository cho API login
+        // Use custom Passport user repository for API login
        $this->app->afterResolving(AuthorizationServer::class, function ($server) {
            $grant = new \League\OAuth2\Server\Grant\PasswordGrant(
-                app(PassportUserRepository::class), // Custom Passport user repository
-                app(RefreshTokenRepository::class)
+            app(PassportUserRepository::class), // Custom Passport user repository
+            app(RefreshTokenRepository::class)
            );
-            $grant->setRefreshTokenTTL(new DateInterval('P1M')); // 1 tháng refresh token
+            $grant->setRefreshTokenTTL(new DateInterval('P1M')); // 1 month refresh token

-            $server->enableGrantType($grant, new DateInterval('PT1H')); // 1 giờ access token
+            $server->enableGrantType($grant, new DateInterval('PT1H')); // 1 hour access token
        });
    }
 }
--- a/bootstrap/providers.php
+++ b/bootstrap/providers.php
@ -1,5 +1,5 @@
 <?php
-
+// List of service providers to be registered by the application
 return [
    App\Providers\AppServiceProvider::class,
    App\Providers\AuthServiceProvider::class,