Question:
I'm thinking of a way to authenticate users using their email and CPF, so far I haven't found a way to do it, does anyone have a suggestion?
public function auth(Request $request) {
$credenciais = $request->only('cli_email', 'cli_cpf');
}
Answer:
The Laravel Framework has a form of authentication with an instance of the User class , making it possible to check other data relevant to your purpose to gain access to the system, following example:
$user = User::where('cpf', $cpf)->where('email', $email)->first();
if ($user) // se verdade existe um usuário com essas informações
{
Auth::login($user); //efetuando a operação de autenticação
}
But, wouldn't it be a security flaw ?, because it's easy to find out the CPF and E-mail of some user, the password should also be informed because it's a data of each user.