Disable password checks on Laravel

#laravel #auth #password #testing

Step 1 update your .env file

Add the following to .env

LOGIN_PASSWORD_CHECK=false

Step 2 update your login controller

Change App/Http/Controllers/Auth/LoginController::attemptLogin to

protected function attemptLogin(Request $request)
{
    if (env('LOGIN_PASSWORD_CHECK', true) == false) {
        $this->guard()->login(
            User::whereEmail($request->input('email'))->firstOrFail()
        );
        return true;
    }

    return $this->guard()->attempt(
        $this->credentials($request),
        $request->filled('remember')
    );
}

Step 3 done.

That's it. Now you can login with any password, it will accept it and log into the account designated by the email your provided in the login form.

Bonus if you're using Heroku, add this to your app.json to disable password check on review apps:

{
    "env": {
        "APP_ENV": "review",
        "LOGIN_PASSWORD_CHECK": "false"
    }
}

Tell me what you thin in the comments and don't forget to leave a like!

The Next Generation Developer Platform

Coherence is the first Platform-as-a-Service you can control. Unlike "black-box" platforms that are opinionated about the infra you can deploy, Coherence is powered by CNC, the open-source IaC framework, which offers limitless customization.

Learn more