Making WordPress passwords work in Laravel

Jeffrey van Rossum
Jul 24, 2017 · 1 min read

When you are exporting WordPress users to a Laravel Application, you’ll notice that the hashed password from WordPress will not authenticate in Laravel.

Now instead of your users having to reset the password, you can do the following;

I) Install the ‘Laravel WP Password’ package and follow the installation instructions.

II) Create an ‘LogFailedAuthenticationAttemp.php’ event listener (‘app/Listeners) and pasted the following code in that file;

This code will hook on a failed login attempt and check if a WordPress password variant does succeed. If it does, it will log the user in and also update the user password to a Laravel hashed variant. If not, it does nothing.

III) Finally, in the EventServiceProvider.php (app/Providers)file add the following under $listen;
‘Illuminate\Auth\Events\Failed’ => [
‘App\Listeners\LogFailedAuthenticationAttempt’,
],

That’s it. It took me some time to figure out and I thought it might be useful for someone else too.

Jeffrey van Rossum

PHP developer based in the Netherlands.

Welcome to a place where words matter. On Medium, smart voices and original ideas take center stage - with no ads in sight. Watch
Follow all the topics you care about, and we’ll deliver the best stories for you to your homepage and inbox. Explore
Get unlimited access to the best stories on Medium — and support writers while you’re at it. Just $5/month. Upgrade