diff --git a/laravel/auth/drivers/eloquent.php b/laravel/auth/drivers/eloquent.php index 8c1c6a80..26e143b9 100644 --- a/laravel/auth/drivers/eloquent.php +++ b/laravel/auth/drivers/eloquent.php @@ -26,21 +26,27 @@ public function retrieve($id) */ public function attempt($arguments = array()) { - $username = Config::get('auth.username'); + $user = $this->model()->where(function($query) use($arguments) { + $username = Config::get('auth.username'); + + $query->where($username, '=', $arguments['username']); - $user = $this->model()->where($username, '=', $arguments['username'])->first(); + foreach( array_except($arguments, array('username', 'password')) as $column => $val ) + { + $query->where($column, '=', $val); + } + })->first(); - // This driver uses a basic username and password authentication scheme - // so if the credentials match what is in the database we will just - // log the user into the application and remember them if asked. - $password = $arguments['password']; + // If the credentials match what is in the database we will just + // log the user into the application and remember them if asked. + $password = $arguments['password']; - $password_field = Config::get('auth.password', 'password'); + $password_field = Config::get('auth.password', 'password'); - if ( ! is_null($user) and Hash::check($password, $user->get_attribute($password_field))) - { - return $this->login($user->id, array_get($arguments, 'remember')); - } + if ( ! is_null($user) and Hash::check($password, $user->get_attribute($password_field))) + { + return $this->login($user->id, array_get($arguments, 'remember')); + } return false; } @@ -57,4 +63,4 @@ protected function model() return new $model; } -} \ No newline at end of file +} diff --git a/laravel/auth/drivers/fluent.php b/laravel/auth/drivers/fluent.php index 4c23468b..e5aaa506 100644 --- a/laravel/auth/drivers/fluent.php +++ b/laravel/auth/drivers/fluent.php @@ -30,10 +30,9 @@ public function retrieve($id) */ public function attempt($arguments = array()) { - $user = $this->get_user($arguments['username']); + $user = $this->get_user($arguments); - // This driver uses a basic username and password authentication scheme - // so if the credentials match what is in the database we will just + // If the credentials match what is in the database we will just // log the user into the application and remember them if asked. $password = $arguments['password']; @@ -48,18 +47,25 @@ public function attempt($arguments = array()) } /** - * Get the user from the database table by username. + * Get the user from the database table. * - * @param mixed $value + * @param mixed $array * @return mixed */ - protected function get_user($value) + protected function get_user($arguments) { $table = Config::get('auth.table'); - $username = Config::get('auth.username'); + return DB::table($table)->where(function($query) use($arguments) { + $username = Config::get('auth.username'); + + $query->where($username, '=', $arguments['username']); - return DB::table($table)->where($username, '=', $value)->first(); + foreach( array_except($arguments, array('username', 'password')) as $column => $val ) + { + $query->where($column, '=', $val); + } + })->first(); } }