insert existing users with plain-text passwords into Laravel’s users table

by

To insert existing users with plain-text passwords into Laravel’s users table (used by Laravel Breeze authentication), follow these steps:

Step 1: Hash Passwords Before Inserting

Since Laravel requires bcrypt hashed passwords, you need to hash them before inserting into the users table.

You can do this in a Laravel command, seeder, or migration script.

Method 1: Using Tinker (Quickest Method)

If you only have a few users, manually hash and insert them via Laravel Tinker:

  1. Open your terminal and navigate to your Laravel project: php artisan tinker
  2. Run the following command to insert a user:
    use Illuminate\Support\Facades\Hash;
    use App\Models\User;
    User::create([ 'name' => 'John Doe', 'email' => 'johndoe@example.com', 'password' => Hash::make('your_plain_password'), // Hash the password ]);

Method 2: Bulk Insert from an Old Table

If your users are stored in another MySQL table, you can migrate them using a Laravel artisan command or a simple script.

1. Create a Laravel Command

Run this in your terminal:

php artisan make:command MigrateUsers

Then open app/Console/Commands/MigrateUsers.php and modify it:

namespace App\Console\Commands;

use Illuminate\Console\Command;
use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;
use App\Models\User;

class MigrateUsers extends Command
{
    protected $signature = 'migrate:users';
    protected $description = 'Migrate old users and hash their passwords';

    public function handle()
    {
        // Fetch users from the old table (change 'old_users' to your actual table name)
        $oldUsers = DB::table('old_users')->get();

        foreach ($oldUsers as $oldUser) {
            User::updateOrCreate(
                ['email' => $oldUser->email], // Prevent duplicates
                [
                    'name' => $oldUser->name,
                    'email' => $oldUser->email,
                    'password' => Hash::make($oldUser->password), // Hash the password
                ]
            );
        }

        $this->info('User migration completed successfully!');
    }
}

2. Run the Migration Command

After saving the file, run:

php artisan migrate:users

This will migrate all users from the old_users table into Laravel’s users table.

Method 3: Direct MySQL Query (Not Recommended)

If you must insert users directly into MySQL, hash passwords before inserting:

Run this query in Laravel Tinker:

use Illuminate\Support\Facades\DB;
use Illuminate\Support\Facades\Hash;

DB::table('users')->insert([
    'name' => 'John Doe',
    'email' => 'johndoe@example.com',
    'password' => Hash::make('your_plain_password'), // Hash before inserting
]);

Final Notes

  • Laravel uses bcrypt (Hash::make()) for security.
  • Never store passwords in plain text in MySQL!
  • If users already have SHA-256 passwords, you need custom authentication logic, but bcrypt is the best approach.

Leave a Comment