laravel – Customized authentication with CPF and E-MAIL

Question:

I'm thinking of a way to authenticate users using their email and CPF, so far I haven't found a way to do it, does anyone have a suggestion?

public function auth(Request $request) {
    $credenciais = $request->only('cli_email', 'cli_cpf');
}

Answer:

The Laravel Framework has a form of authentication with an instance of the User class , making it possible to check other data relevant to your purpose to gain access to the system, following example:

$user = User::where('cpf', $cpf)->where('email', $email)->first();
if ($user) // se verdade existe um usuário com essas informações
{
    Auth::login($user); //efetuando a operação de autenticação
}

But, wouldn't it be a security flaw ?, because it's easy to find out the CPF and E-mail of some user, the password should also be informed because it's a data of each user.

Scroll to Top