I am having hard time working with Laravel 4 Auth::attempt method , followed the right documentation, read couple of SO threads but still i am not able to get it working.

$userData = array('email' => 'admin@admin.com','password' => 'admin');
if(Auth::attempt($userData)){
    // redirect
}
else{
   echo 'Invalid';
}

And it returns Invalid everytime

Now i am not sure what is the actual reason.

In my config/auth.php i have following

<?php

   return array(
/*
|--------------------------------------------------------------------------
| Default Authentication Driver
|--------------------------------------------------------------------------
|
| This option controls the authentication driver that will be utilized.
| This drivers manages the retrieval and authentication of the users
| attempting to get access to protected areas of your application.
|
| Supported: "database", "eloquent"
|
*/

'driver' => 'eloquent',

/*
|--------------------------------------------------------------------------
| Authentication Model
|--------------------------------------------------------------------------
|
| When using the "Eloquent" authentication driver, we need to know which
| Eloquent model should be used to retrieve your users. Of course, it
| is often just the "User" model but you may use whatever you like.
|
*/

'model' => 'User',

/*
|--------------------------------------------------------------------------
| Authentication Table
|--------------------------------------------------------------------------
|
| When using the "Database" authentication driver, we need to know which
| table should be used to retrieve your users. We have chosen a basic
| default value but you may easily change it to any table you like.
|
*/

'table' => 'users',

/*
|--------------------------------------------------------------------------
| Password Reminder Settings
|--------------------------------------------------------------------------
|
| Here you may set the settings for password reminders, including a view
| that should be used as your password reminder e-mail. You will also
| be able to set the name of the table that holds the reset tokens.
|
*/
'reminder' => array(
    'email' => 'emails.auth.reminder', 'table' => 'password_reminders',
),
 );
 ?>

Make sure that your password field in your db has space for 64 characters. varchar(64)

The hash needs 64 characters and you won't get an error from laravel if your hashed password is truncated on insertion (and therefore not able to ever validate a password positively).

@eric-evans is correct. To use authentication in laravel 4, you must make your "user" model uses the \Illuminate\Auth\UserInterface interface, and implements the methods

public function getAuthIdentifier() {
            return $this->getKey();
  }
public function getAuthPassword() {
            return $this->password;
        }

Could you show code for your model? These are some things that should be in the User model in order for Auth to work.

<?php

    use Illuminate\Auth\UserInterface;
    use Illuminate\Auth\Reminders\RemindableInterface;

    class User extends Eloquent implements UserInterface, RemindableInterface{

    protected $fillable = array('fname','lname','email','password','create_at','updated_at');

    /**
    * The database table used by the model.
    *
    * @var string
    */
    protected $table = 'users';

    /**
    * The attributes excluded from the model's JSON form.
    *
    * @var array
    */
    protected $hidden = array('password');

    /**
    * Get the unique identifier for the user.
    *
    * @return mixed
    */
    public function getAuthIdentifier()
    {
        return $this->getKey();
    }

    /**
    * Get the password for the user.
    *
    * @return string
    */
    public function getAuthPassword()
    {
        return $this->password;
    }

    /**
    * Get the e-mail address where password reminders are sent.
    *
    * @return string
    */
    public function getReminderEmail()
    {
        return $this->email;
    }
}

I was having some trouble with this as well. What I noticed is that in my User model I had:

protected $softDelete = true;

In the database I had the deleted_at column, but it defaulted with a zeroed out timestamp - 0000-00-00 00:00:00. This was causing the record to not be found and in turn causing the authentication to fail.

I had to fix the migration to have the deleted_at column properly created like so:

public function up()
{
  Schema::create('users', function($t) {
    $t->increments('id');
    $t->string('first_name');
    $t->string('last_name');
    $t->string('username');
    $t->string('email');
    $t->string('password');
    $t->softDeletes();
    $t->timestamps();
  });
}

Here are the docs on soft delete: http://laravel.com/docs/eloquent#soft-deleting

The Auth class requires a column called id as your primary key in your users table.

Note that you User table , the password field is Hashed, cause of Auth::attempt($credentials); $credentials->password evaluate the hashed password

Check does your password is hashed. It should not be normal text..

Your code is bugging out because you are passing the wrong array keys to Auth::attempt(). That method requires an array with keys username, password and optionally remember. In that light, your above code should be:

Route::post('login', function()
{
    $credentials = [
        'username' => 'admin@email.com',
        'password' => 'superSecretPassword'
    ];

    dd(Auth::attempt($credentials));
});