DEV Community

Benjamin Delespierre
Benjamin Delespierre

Posted on

Disable password checks on Laravel

Step 1 update your .env file

Add the following to .env

LOGIN_PASSWORD_CHECK=false
Enter fullscreen mode Exit fullscreen mode

Step 2 update your login controller

Change App/Http/Controllers/Auth/LoginController::attemptLogin to

protected function attemptLogin(Request $request)
{
    if (env('LOGIN_PASSWORD_CHECK', true) == false) {
        $this->guard()->login(
            User::whereEmail($request->input('email'))->firstOrFail()
        );
        return true;
    }

    return $this->guard()->attempt(
        $this->credentials($request),
        $request->filled('remember')
    );
}
Enter fullscreen mode Exit fullscreen mode

Step 3 done.

That's it. Now you can login with any password, it will accept it and log into the account designated by the email your provided in the login form.


Bonus if you're using Heroku, add this to your app.json to disable password check on review apps:

{
    "env": {
        "APP_ENV": "review",
        "LOGIN_PASSWORD_CHECK": "false"
    }
}
Enter fullscreen mode Exit fullscreen mode

Tell me what you thin in the comments and don't forget to leave a like!

Discussion (0)