No password in Customer Add page in Admin Panel



  • There is not field for adding password in Customer/add page. But a password is inserting in database. What is the password that is generating?



  • Passwords are random bcrypt hash strings

    $password = bcrypt(rand(100000,10000000));
    

    Open packages\Webkul\Admin\src\Http\Controllers\Customer\CustomerController.php

    and inside the store function you will find the code from above

         /**
         * Store a newly created resource in storage.
         *
         * @return \Illuminate\Http\Response
         */
        public function store()
        {
            $this->validate(request(), [
                'channel_id' => 'required',
                'first_name' => 'string|required',
                'last_name' => 'string|required',
                'gender' => 'required',
                'email' => 'required|unique:customers,email',
                'date_of_birth' => 'date|before:today'
            ]);
    
            $data = request()->all();
    
            $password = bcrypt(rand(100000,10000000));
    
            $data['password'] = $password;
    
            $data['is_verified'] = 1;
    
            $this->customer->create($data);
    
            session()->flash('success', trans('admin::app.response.create-success', ['name' => 'Customer']));
    
            return redirect()->route($this->_config['redirect']);
        }
    


  • This implementation does not seem correct. It seems to rely on that the pwd will be communicated via email.

    Better way in my opinion should be to have a default password created and same to be know to the Admin who is creating a user. When a customer is logging first time, then he/she can be prompted to change the pwd.


Log in to reply