At a first glance, your code should be working

if (auth()->attempt(['email'=>request('email'), 'password'=>request('password'), 'user_status' => 'live'])) {  
//do something  
}  

perhaps i wasnt clear...

i want to do something like

if (auth()->attempt(['email'=>request('email'), 'password'=>request('password'), 'user_status' => 'live' or 'user_status' => 'deactivated' ])) {  
//do something  
}  

Ok so i found out where to change the code.. DatabaseUserProvider.php (inside laravel core pages)

/**
     * Retrieve a user by the given credentials.
     *
     * @param  array  $credentials
     * @return \Illuminate\Contracts\Auth\Authenticatable|null
     */
    public function retrieveByCredentials(array $credentials)
    {
        // First we will add each credential element to the query as a where clause.
        // Then we can execute the query and, if we found a user, return it in a
        // generic "user" object that will be utilized by the Guard instances.
        $query = $this->conn->table($this->table);

        foreach ($credentials as $key => $value) {
            if (! Str::contains($key, 'password')) {
                $query->where($key, $value);
            }
        }

        $query->whereIn('user_status', ['live','deactivated']);

        // Now we are ready to execute the query to see if we have an user matching
        // the given credentials. If not, we will just return nulls and indicate
        // that there are no matching users for these given credential arrays.
        $user = $query->first();

        return $this->getGenericUser($user);
    }

So $query->whereIn('user_status', ['live','deactivated']); is what I wanted.. but the problem is of course i dont want to change the core!

the other idea is that i could just split it out ie have another column for deactivated....