/** * Validate a user against the given credentials. * * @param \Illuminate\Contracts\Auth\Authenticatable $user * @param array $credentials * @return bool */ public function validateCredentials(Authenticatable $user, array $credentials) { if ($user instanceof CustomKeyAuthenticable) { $method = 'get' . ucfirst($user->getAuthKeyName()); } else { $method = 'getEmail'; } return app('hash')->check($credentials['password'], $user->getAuthPassword()) && trim(strtolower($credentials['email'])) === trim(strtolower($user->{$method}())); }