diff --git a/app/Auth/PassportUserRepository.php b/app/Auth/PassportUserRepository.php index 1c3fded..f4ea949 100644 --- a/app/Auth/PassportUserRepository.php +++ b/app/Auth/PassportUserRepository.php @@ -3,13 +3,22 @@ namespace App\Auth; use Laravel\Passport\Bridge\UserRepository; -use League\OAuth2\Server\Entities\ClientEntityInterface; +use Laravel\Passport\Bridge\UserRepositoryInterface; use Laravel\Passport\Bridge\User; -use Illuminate\Support\Facades\Hash; +use League\OAuth2\Server\Entities\ClientEntityInterface; use App\Models\User as UserModel; class PassportUserRepository extends UserRepository { + /** + * OAuth2. + * + * @param string $username + * @param string $password + * @param string $grantType + * @param ClientEntityInterface $clientEntity + * @return User|null + */ public function getUserEntityByUserCredentials( $username, $password, @@ -18,37 +27,14 @@ class PassportUserRepository extends UserRepository ) { $user = UserModel::where('email', $username)->first(); - if (!$user) { + if (! $user) { return null; } - // Avoid Hash::check() error with non-bcrypt hashes - if ($this->isBcryptHash($user->password)) { - if (Hash::check($password, $user->password)) { - return new User($user->id); - } - } else { - // If the hash is not bcrypt, check for MD5 manually - if (md5($password) === $user->password) { - // Upgrade password to bcrypt - $user->password = Hash::make($password); - $user->save(); - - return new User($user->id); - } + if (md5($password) === $user->password) { + return new User($user->getAuthIdentifier()); } return null; } - - /** - * Check if the given hash uses the bcrypt algorithm. - * - * @param string $hashedPassword - * @return bool - */ - protected function isBcryptHash($hashedPassword): bool - { - return password_get_info($hashedPassword)['algo'] === PASSWORD_BCRYPT; - } }