This is a follow-up on my previous question regarding form requests, which has now been resolved. Unfortunately, the app will not sign in with the correct credentials. I've had this issue before, and the solution had something to do with the session - however, this is not the case here as the session is being set correctly, as well as a key.

When providing the correct credentials, `$auth->attempt()` returns false.

Schema:

```php
Schema::create('users', function (Blueprint $t) {
    $t->increments('id')->unsigned();
    $t->timestamps();
    $t->rememberToken();
    $t->boolean('system')->default(false);
    $t->boolean('activated')->default(true);

    $t->string('username')->unique();
    $t->string('email')->unique()->nullable();
    $t->string('passphrase', 64);
    $t->string('first_name', 20)->nullable();
    $t->string('last_name', 20)->nullable();

    $t->text('meta')->nullable();
});
```

Seed:

```php
$adminUser = App\User::create([
    'system' => true,
    'username' => 'SysAdmin',
    'passphrase' => bcrypt('the-password'),
]);
$adminUser->attachRole($administratorRole);
```

User Model:

```php
namespace App;

use Bican\Roles\Contracts\HasRoleAndPermission as HasRoleAndPermissionContract;
use Bican\Roles\Traits\HasRoleAndPermission;
use Illuminate\Auth\Authenticatable;
use Illuminate\Auth\Passwords\CanResetPassword;
use Illuminate\Contracts\Auth\Authenticatable as AuthenticatableContract;
use Illuminate\Contracts\Auth\CanResetPassword as CanResetPasswordContract;
use Illuminate\Database\Eloquent\Model;

class User extends Model implements AuthenticatableContract, CanResetPasswordContract, HasRoleAndPermissionContract
{
    use Authenticatable, CanResetPassword, HasRoleAndPermission;

    protected $table = 'users';
    protected $fillable = ['system', 'username', 'email', 'passphrase', 'first_name', 'last_name'];
    protected $hidden = ['passphrase', 'remember_token'];
}
```

`AuthController::attemptSignIn()` method:

The user may sign in with either their username or email address.

```php
public function attemptSignIn(SignInRequest $request = null, $type = 'regular')
{
    switch ($type) {
        case 'regular':
            $identifierFieldName = 'account_identifier';
            $field = filter_var($this->request->input($identifierFieldName), FILTER_VALIDATE_EMAIL) ? 'email' : 'username';
            $this->request->merge([$field => $this->request->input($identifierFieldName)]);
            $specifics = $this->request->only($field, 'passphrase');
            if ($this->auth->attempt($specifics)) {
                return redirect($this->redirectPath);
            } else {
                return redirect($this->signInPath)
                    ->with('authError', "The credentials you've provided are incorrect.")
                    ->with('authErrorType', 'danger')
                    ->withInput($this->request->only($identifierFieldName));
            }
            break;

        case 'oota':

            break;
    }
}
```

The information set in `$specifics` is correct, and matches the record in the database.

Perhaps I am missing something simple?

Mike Rockétt
  • I have a feeling that Guard is looking for `password` and not `passphrase`. Will a simple override fix that? – Mike Rockétt Aug 25 '15 at 14:12
  • Hmm, giving this a try: http://stackoverflow.com/questions/26073309/how-to-change-custom-password-field-name-for-laravel-4-and-laravel-5-user-auth – Mike Rockétt Aug 25 '15 at 14:15
  • Ah, that worked. `password` is hardcoded (pity). Just switch the key out when authenticating so that I need not change field names here. Passphrases are not passwords, and policy for this app is to **not** use passwords, but rather longer passphrases that are easier to remember, and harder to break. – Mike Rockétt Aug 25 '15 at 14:18
  • [http://stackoverflow.com/questions/28584531/laravel-5-modify-existing-auth-module-email-to-username](http://stackoverflow.com/questions/28584531/laravel-5-modify-existing-auth-module-email-to-username) – mdamia Aug 25 '15 at 16:42
  • Yes, you can do that for usernames, but not for passwords. It uses `password` internally for hashing on `attempt`. – Mike Rockétt Aug 26 '15 at 04:28

1 Answer

As stated here, `password` is hardcoded into Laravel's authentication protocol. As such, I simply needed to change the array sent to `attempt`:

```php
$specifics['password'] = $specifics['passphrase'];
unset($specifics['passphrase']);
```
Mike Rockétt
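
The failure and the fix described above, as an added example that is not part of the original post and not Laravel's own code: a plain-PHP model of the lookup-then-verify flow behind `attempt`, showing why a `passphrase` key never matches and why the remapped `password` key does. The function bodies, the in-memory `$users` array and the `$hashColumn` parameter are assumptions standing in for the Eloquent query and for the model's `getAuthPassword()`, which has to return the `passphrase` column for the hash check to pass.

```php
<?php
// Plain-PHP model of the lookup-then-verify flow; not Laravel's own code.
// Constructed sample row: the bcrypt hash lives in a `passphrase` column.
$users = [
    ['username' => 'SysAdmin', 'passphrase' => password_hash('the-password', PASSWORD_BCRYPT)],
];

// Step 1: every credential key that does not contain "password" is used as
// an equality condition when looking the user up.
function retrieveByCredentials(array $users, array $credentials)
{
    foreach ($users as $user) {
        $match = true;
        foreach ($credentials as $key => $value) {
            if (strpos($key, 'password') !== false) {
                continue; // the plaintext secret is never a lookup condition
            }
            if (!isset($user[$key]) || $user[$key] !== $value) {
                $match = false;
                break;
            }
        }
        if ($match) {
            return $user;
        }
    }
    return null;
}

// Step 2: the plaintext is read from the hardcoded `password` key and checked
// against the stored hash. $hashColumn (hypothetical) stands in for what the
// model's getAuthPassword() returns.
function attempt(array $users, array $credentials, $hashColumn)
{
    $user = retrieveByCredentials($users, $credentials);
    if ($user === null || !isset($credentials['password'])) {
        return false;
    }
    return password_verify($credentials['password'], $user[$hashColumn]);
}

$input = ['username' => 'SysAdmin', 'passphrase' => 'the-password'];
// As posted: `passphrase` becomes a lookup condition comparing the plaintext
// with the stored hash, so no row matches and the attempt fails.
var_dump(attempt($users, $input, 'passphrase'));

// Key remapped as in the answer; the hash is still read from `passphrase`.
$fixed = ['username' => $input['username'], 'password' => $input['passphrase']];
var_dump(attempt($users, $fixed, 'passphrase'));
```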