php – Laravel 5.1 bcrypt并登录

// Creating a new user
$user = new User;
$user->firstname = $data['firstname'];
$user->lastname = $data['lastname'];
$user->email = $data['email'];
$user->password = bcrypt($data['password']);
$user->save();

这很好用,我可以登录到该应用程序.但是,我希望用户可以选择在其设置页面中更改其密码.这样做,我使用相同的技术,使用

$newPass = bcrypt($response->new_password);

并更新用户字段.但是,这样做之后,我无法登录？我在laravel中使用内置身份验证服务进行注册/登录.

我在这做错了什么？我应该采取另一种方式吗？

我还试图加密我当前的密码,并且我获得了与存储在数据库中的哈希完全不同的哈希.

这太混乱..

更新了控制器代码,

// Validation
$this->validate($request,[
    'email' => 'email','password' => 'min:8|confirmed','current_password' => 'required',]);

// Getting the user ID
$userId = Auth::id();

// Dummy hack check,change later.
if(!Auth::attempt(['id' => $userId,'password' => $request->current_password]))
{
    return redirect('settings')->with('alert','current password is wrong.');
}

// Everything is validated and ok to proceed
if($request->email)
{
    $data['email'] = $request->email;
}

if($request->password)
{
    $data['password'] = bcrypt("helloworld");
}

$user = User::where('id',$userId)->update($data);

dd($data);

转储输入的数据,

+request: ParameterBag {#40 ▼
    #parameters: array:5 [▼
      "_token" => "JQIIuCjiKQmbK0X5zCM6czYD1vIoh4PGjLO4qrFm"
      "email" => "testing@gmail.com"
      "password" => "thisisnewpass"
      "password_confirmation" => "thisisnewpass"
      "current_password" => "helloworld"
    ]
  }