Custom database and Laravel password migration

Hello!

I’m doing Custom Database connection to my Laravel application. The connection itself is set-up to corresponding database and data from the users table is retrieved. However, I would like to check if user can be authenticated or not using Laravel hashed password. Right now I always get response “401 - Unauthorized”.

Does anybody have ideas how to implement this using “Database Action Scripts” in Auth0? Here is my code:

function login(email, password, callback) {
const mysql = require(‘mysql’);
const bcrypt = require(‘bcrypt’);

const connection = mysql.createConnection({
host: configuration.ip,
user: configuration.user,
password: configuration.password,
database: configuration.database
});

//console.log(connection);

connection.connect();

const query = ‘SELECT id, name, email, password FROM users WHERE email = ?’;

connection.query(query, [ email ], function(err, results) {
if (err) console.log(err);
if (err) return callback(err);
if (results) console.log(results);
if (results.length === 0) return callback(new WrongUsernameOrPasswordError(email));
const user = results[0];

bcrypt.compare(password, user.password, function(err, isValid) {
  if (err || !isValid) return callback(err || new WrongUsernameOrPasswordError(email));
  callback(null, {
    user_id: user.id.toString(),
    //user_id: user.email,
    nickname: user.name,
    email: user.email
  });
});

});
}

Thank you in advance!

Best regards,
Levipro

Hi @levipro,

Welcome to the Auth0 Community Forum!

Are you on an enterprise account? Custom database is an enterprise feature and could be throwing the unauthorized error if it is not allowed. Mentioned in the docs here.

Otherwise it looks like you may have already seen this, but here is the suggested login script for bcrypt hashes:

Thanks,
Dan

Hello!

Thank you! Probably that’s the case - I have developer subscription. It would make pretty much sense that notice is shown also on the Auth0 Dashboard. Otherwise, if only reference is in docs and response from API with the message “401 - Unauthorized” then it could be misleading. Interestingly, Wordpress custom database worked well but with Laravel it fails.

I will go with another process then and this thread can be closed. Thanks again!

Best regards,
Levipro

Sorry about the confusion! Let us know if there is anything else we can help with.

Thanks,
Dan

This topic was automatically closed 14 days after the last reply. New replies are no longer allowed.