Correct LoginRequest retrieved user type to allow null

AngelinCalu · AngelinCalu · commit 2db7baa56cbc · 2025-09-14T20:25:08.000+03:00
The issue was caused by a too-strict PHPDoc that assumed the retrieved user is always a User. However, `retrieveByCredentials()` can return null.
This aligns the docblock with the actual return type, making the subsequent null/credential checks type-safe.
diff --git a/app/Http/Requests/Auth/LoginRequest.php b/app/Http/Requests/Auth/LoginRequest.php
@@ -41,7 +41,7 @@ public function validateCredentials(): User
     {
         $this->ensureIsNotRateLimited();
 
-        /** @var User $user */
+        /** @var User|null $user */
         $user = Auth::getProvider()->retrieveByCredentials($this->only('email', 'password'));
 
         if (! $user || ! Auth::getProvider()->validateCredentials($user, $this->only('password'))) {

Original file line number	Diff line number	Diff line change
`@@ -41,7 +41,7 @@ public function validateCredentials(): User`
`41`	`41`	`{`
`42`	`42`	`$this->ensureIsNotRateLimited();`
`43`	`43`
`44`		`- /** @var User $user */`
	`44`	`+ /** @var User\|null $user */`
`45`	`45`	`$user = Auth::getProvider()->retrieveByCredentials($this->only('email', 'password'));`
`46`	`46`
`47`	`47`	`if (! $user \|\| ! Auth::getProvider()->validateCredentials($user, $this->only('password'))) {`