[11.x] Rehash user passwords when logging in once (#50843)

* Rehash user passwords when validating credentials

* Update SessionGuard.php

---------

Co-authored-by: Taylor Otwell <[email protected]>

Author: axlon

src/Illuminate/Auth/SessionGuard.php

@@ -253,6 +253,8 @@ public function once(array $credentials = [])
         $this->fireAttemptEvent($credentials);
 
         if ($this->validate($credentials)) {
+            $this->rehashPasswordIfRequired($this->lastAttempted, $credentials);
+
             $this->setUser($this->lastAttempted);
 
             return true;

tests/Auth/AuthGuardTest.php

@@ -623,6 +623,7 @@ public function testLoginOnceSetsUser()
         });
         $guard->getProvider()->shouldReceive('retrieveByCredentials')->once()->with(['foo'])->andReturn($user);
         $guard->getProvider()->shouldReceive('validateCredentials')->once()->with($user, ['foo'])->andReturn(true);
+        $guard->getProvider()->shouldReceive('rehashPasswordIfRequired')->with($user, ['foo'])->once();
         $guard->shouldReceive('setUser')->once()->with($user);
         $this->assertTrue($guard->once(['foo']));
     }
@@ -637,6 +638,7 @@ public function testLoginOnceFailure()
         });
         $guard->getProvider()->shouldReceive('retrieveByCredentials')->once()->with(['foo'])->andReturn($user);
         $guard->getProvider()->shouldReceive('validateCredentials')->once()->with($user, ['foo'])->andReturn(false);
+        $guard->getProvider()->shouldNotReceive('rehashPasswordIfRequired');
         $this->assertFalse($guard->once(['foo']));
     }