The problem is that when ever anyone has "registered" with a provider, the users.password field is set to NULL in the database. Therefore attempting to authenticate a user with their email and password throws an error exception, presenting itself as a 500 server error.
The default eloquent user provider (rightly) assumes that the user.password column is always filled with a password hash (as is the default behaviour of every Laravel app). This results in the underlying hasher checking a hashed password from the form against NULL, which throws the error.
The fix here is to override the eloquent user provider with our own user provider. This provider only extends the base one and only overrides the methods that matter (in this case only the validateCredentials method).
Resolves #366
The problem is that when ever anyone has "registered" with a provider, the
users.passwordfield is set toNULLin the database. Therefore attempting to authenticate a user with their email and password throws an error exception, presenting itself as a 500 server error.The default eloquent user provider (rightly) assumes that the
user.passwordcolumn is always filled with a password hash (as is the default behaviour of every Laravel app). This results in the underlying hasher checking a hashed password from the form againstNULL, which throws the error.The fix here is to override the
eloquentuser provider with our own user provider. This provider onlyextendsthe base one and only overrides the methods that matter (in this case only thevalidateCredentialsmethod).