Support the ongoing development of Laravel.io →
posted 4 years ago
Last updated 2 years ago.
0
moderator

You can search with the encrypted value from your input unless it is part of a larger text value.

// replace $input with your input value
// replace yourEncryptFunction with the encrypt function you use
$seach = yourEncryptFunction($input);
// encrypted_token should be the field you want to search
$user = User::where('encrypted_token', $search)->find();
if (!$user) {
    // not found
}
0

Thanks for your answer.

Is this also possible with the Laravel Crypt function?

0

My approach was, if I get the RFID key as a request, then I want to search for it in the database, if it is found, then I get the USER ID.

$credentials = $request->only('RFID'); $user = User::firstorfail()->where('APP_Token', $credentials)->pluck('id')->toArray();

With the package betterapp\LaravelDbEncrypter\Traits\EncryptableDbAttribute I encrypt the data set on the model level, via casts it is decrypted again. But in the Where clause, he can not find the key.

But if I encrypt RFID again to search for the string, then this value is encrypted differently than it is in the database.

Last updated 4 years ago.
0

$credentials is an array -> you'll never find a match...

$credentials = $request->only('RFID'); $user = User::firstorfail()->where('APP_Token', $credentials['RFID'])->pluck('id')->toArray(); or

$credentials = $request->input('RFID'); $user = User::firstorfail()->where('APP_Token', $credentials)->pluck('id')->toArray(); should do the trick with your used package

Last updated 4 years ago.
0

There are many ways to do. In here you will get many solution may be all is correct. by my perspective it would be likt this

app token generate when register an user

use Illuminate\Support\Facades\Hash;
public function store(Request $request){
$user = User:create($request->all);
$user->save();
$app_token = Hash::make($user->id);
User::where('id', $user->id)->update([
'app_token' => $app_token
]);
}

Now find by hash/encrypted key

Please pass the encrypted value from view or whatever you want. please modify code according to your solution

public function find(User $user){
$app_token = Hash::check($user);

if($app_token == $user->app_token){
echo "User name is $user->name";
} else{
echo "user is not registered";
}
}

Please modify this according to your code, database column.

Last updated 4 years ago.
0

That's not correct. He uses a package whick auto crypt/decrypt in the model - so it's not necessary to encrypt/decrypt anything.

0

@jetwes with my Solution AND no encrypted Data, i get a match.

I try your example with encryption a soon as possible.

0

`user model.
use betterapp\LaravelDbEncrypter\Traits\EncryptableDbAttribute; class User extends Authenticatable implements MustVerifyEmail { use Notifiable, EncryptableDbAttribute;

    protected $encryptable = [
        'APP_Token',
    ];

protected $casts = [ 'email_verified_at' => 'datetime', 'APP_Token' => EncryptableDbAttribute::class,`

even if I put it into Tinker, I still get the encrypted value back But on my view I have the decrypted value. How should I work with it then?

my first thought was to get all users with the APP_Token and the ID into an array. Then I continue from there.

But the data is still encrypted in the controller.

Last updated 4 years ago.
0

Why do you cast it? Remove the APP_TOKEN from your casts array and all should work as expected...

0

Hello,

in the description it says that you should include this in the cast function.

But! If I remove the key from the cast I still can't search for the key because it is still given to me encrypted.

0

It's really difficult to tell what exactly you are doing... Can you provide your full model and full controller code ...

0

User Model `<?php

namespace App;

use Illuminate\Contracts\Auth\MustVerifyEmail; use Illuminate\Foundation\Auth\User as Authenticatable; use Illuminate\Notifications\Notifiable; use App\Weapons; use App\Shootingrange; use App\Shootingbook; use App\Education; use App\Club; use Auth; use Illuminate\Support\Facades\DB; use betterapp\LaravelDbEncrypter\Traits\EncryptableDbAttribute;

class User extends Authenticatable implements MustVerifyEmail { use Notifiable, EncryptableDbAttribute;

/** @var array The attributes that should be encrypted/decrypted */
    protected $encryptable = [
        'APP_Token',
    ];
/**
 * The attributes that are mass assignable.
 *
 * @var array
 */
protected $fillable = [
    'name', 'vorname','strasse','PLZ','Ort','telefon','mobil','mitgliedsnr', 'email', 'password','isVereinAdmin',
    'NWR_PID', 'NWR_EID', 'APP_Token'
];

/**
 * The attributes that should be hidden for arrays.
 *
 * @var array
 */
protected $hidden = [
    'password', 'remember_token',
];

/**
 * The attributes that should be cast to native types.
 *
 * @var array
 */
protected $casts = [
    'email_verified_at' => 'datetime',


];


public function shootingranges (){

  return $this->hasMany('App\Shootingrange');
}
public function shootingbooks (){

  return $this->hasMany('App\Shootingbook');
}

public function weapons () {

  return $this->hasMany('App\Weapon');
}

public function educations () {
    // m:n Beziehung!!
  return $this->belongsToMany('App\Education', 'user_education')->withTimestamps();
}

public function clubs () {

    return $this->belongsToMany('App\Club', 'club_user')
          ->withPivot(['isVAdmin'])
          ->withTimestamps();
}

public function isVAdmin() {

 return User::where('id', Auth::id())->where('isVereinAdmin', 1)->exists();

}

public function getUserAdminClubID()
{
    $ClubID= DB::table('users')
                ->leftJoin('club_user', 'club_user.user_id', '=' , 'users.id' )
                ->leftJoin('clubs', 'club_user.club_id', '=' , 'clubs.id' )
                ->where('users.id', Auth::id())
                ->where('club_user.isVAdmin', 1)
                ->select('clubs.id')
                ->first();

    return $ClubID;
    //auth()->user()->getUserAdminClubID()->id

}

public function getdefaultClubName()
{
    if(empty(Club::find(Auth::user()->defaultVerein)->name)){
      return '';
    }else{
      return Club::find(Auth::user()->defaultVerein)->name;
    }

}

public function isSiteAdmin() {

 return User::where('id', Auth::id())->where('isAdmin', 1)->exists();

}

public function UserhasWeapon(){

  return User::find(Auth::id())->weapons()->exists();
}

} `

Login Controller `<?php

namespace App\Http\Controllers\Auth;

use App\Http\Controllers\Controller; use App\Providers\RouteServiceProvider; use Illuminate\Foundation\Auth\AuthenticatesUsers; use Illuminate\Http\Request; use App\User; use Auth; use Illuminate\Support\Facades\Hash; use Illuminate\Support\Facades\Validator;

class LoginController extends Controller { protected $maxAttempts = 3; // Default is 5 protected $decayMinutes = 2; // Default is 1

 /*
|--------------------------------------------------------------------------
| Login Controller
|--------------------------------------------------------------------------
|
| This controller handles authenticating users for the application and
| redirecting them to your home screen. The controller uses a trait
| to conveniently provide its functionality to your applications.
|
*/


use AuthenticatesUsers;

/**
 * Where to redirect users after login.
 *
 * @var string
 */
protected $redirectTo = RouteServiceProvider::HOME;

/**
 * Create a new controller instance.
 *
 * @return void
 */
public function __construct()
{
    $this->middleware('guest')->except('logout');
    $this->middleware('guest:club')->except('logout');
}

public function showAPILogin()
{

  return view('auth.apilogin');
}

public function APILogin(Request $request)
{
    $credentials = $request->only('RFID');

    $user = User::firstorfail()->where('APP_Token', $credentials)->pluck('id')->toArray();


    if(!empty($user))
    {
          if (Auth::guard('web')->loginUsingId($user, true)) {

              return redirect()->intended('/Zeiterfassen');
          }
    }else
    {
      return back()->withErrors(['RFID' => 'Dieser RFID Token ist nicht bekannt!']);

    }
}

} `

0

Hello, does anyone have an idea how I can search for the number?

Thanks.

0

Sign in to participate in this thread!

Eventy

Your banner here too?

Matthias matze1708 Joined 22 Jul 2020

Moderators

We'd like to thank these amazing companies for supporting us

Your logo here?

Laravel.io

The Laravel portal for problem solving, knowledge sharing and community building.

© 2024 Laravel.io - All rights reserved.