No password in Customer Add page in Admin Panel

  • There is not field for adding password in Customer/add page. But a password is inserting in database. What is the password that is generating?

  • Passwords are random bcrypt hash strings

    $password = bcrypt(rand(100000,10000000));

    Open packages\Webkul\Admin\src\Http\Controllers\Customer\CustomerController.php

    and inside the store function you will find the code from above

         * Store a newly created resource in storage.
         * @return \Illuminate\Http\Response
        public function store()
            $this->validate(request(), [
                'channel_id' => 'required',
                'first_name' => 'string|required',
                'last_name' => 'string|required',
                'gender' => 'required',
                'email' => 'required|unique:customers,email',
                'date_of_birth' => 'date|before:today'
            $data = request()->all();
            $password = bcrypt(rand(100000,10000000));
            $data['password'] = $password;
            $data['is_verified'] = 1;
            session()->flash('success', trans('admin::app.response.create-success', ['name' => 'Customer']));
            return redirect()->route($this->_config['redirect']);

  • This implementation does not seem correct. It seems to rely on that the pwd will be communicated via email.

    Better way in my opinion should be to have a default password created and same to be know to the Admin who is creating a user. When a customer is logging first time, then he/she can be prompted to change the pwd.

Log in to reply