tymondesigns / jwt-auth

🔐 JSON Web Token Authentication for Laravel & Lumen
https://jwt-auth.com
MIT License
11.23k stars 1.55k forks

attempt() never returns null, but returns blank booleans #2242

Open casey977 opened 4 months ago

casey977 commented 4 months ago

Subject of the issue

When I use auth() with attempt(), I'm always getting an HTTP OK (200) as a result with the following code. In spite of invalid credentials, and even a truncated table, attempt() never returns null, but a blank boolean, that is, blank/nothing when I do Log::debug($token), and "boolean" when I do Log::debug(gettype($token)). I use PostgreSQL.

Your environment

| Q | A |
| --- | --- |
| Bug? | yes |
| New Feature? | no |
| Framework | Laravel |
| Framework version | 10 |
| Package version | 10.44.0 |
| PHP version | 8.2.7 |

Steps to reproduce

I'm just making a basic system, with the given code. I'm still new to Laravel, but I think this is a bug.

Expected behaviour

I'm expecting attempt() to return null when checking credentials fails.

Actual behaviour

I get a blank boolean which in the provided code leads to HTTP 200.

controller:

<?php

namespace App\Http\Controllers;

use Illuminate\Http\Request;
use Illuminate\Support\Facades\Log;
use Illuminate\Support\Facades\Hash;
use Tymon\JWTAuth\Facades\JWTAuth;

use App\Models\Member;

class Login extends Controller {
    public function login() {
        try {
            $creds = request(['email', 'password']);
            $token = auth()->guard('member')->attempt($creds);

            if (is_null($token)) {
                return response()->json(['error' => 'Invalid credentials'], 401);
            } else {
                return response()->json(['token' => $token], 200);
            }
        // Fully qualified: a bare Exception here would resolve to App\Http\Controllers\Exception
        } catch (\Exception $error) {
            Log::error('Error logging in!');
            return response()->json(['error' => 'Error logging in!'], 500);
        }
    }
}

auth.php

<?php

return [

    'defaults' => [
        'guard' => 'web',
        'passwords' => 'members',
    ],

    'guards' => [
        'web' => [
            'driver' => 'jwt',
            'provider' => 'members',
        ],
        'api' => [
            'driver' => 'jwt',
            'provider' => 'members',
        ],
        'member' => [
            'driver' => 'jwt',
            'provider' => 'members',
        ],
    ],

    'providers' => [
        'members' => [
            'driver' => 'eloquent',
            'model' => App\Models\Member::class,
        ],
    ],

    'passwords' => [
        'members' => [
            'provider' => 'members',
            'table' => 'password_reset_tokens',
            'expire' => 60,
            'throttle' => 60,
        ],
    ],

    'password_timeout' => 10800,

];
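
The behaviour reported in this issue, reproduced as an added example (not code from the issue author or from jwt-auth): JWTGuard::attempt() returns the token string on success and false on failure, so an is_null() check lets every failed login fall through to the 200 branch. StubGuard, the two status functions and all sample credentials are hypothetical stand-ins constructed so the comparison runs without Laravel.

```php
<?php
// Added example, not jwt-auth code. StubGuard is a hypothetical stand-in that
// mirrors the return contract of JWTGuard::attempt(): token string or false.

final class StubGuard
{
    /** @param array<string,string> $users email => password hash (constructed) */
    public function __construct(private array $users) {}

    public function attempt(array $creds): string|false
    {
        $hash = $this->users[$creds['email'] ?? ''] ?? null;
        if ($hash !== null && password_verify($creds['password'] ?? '', $hash)) {
            return 'constructed.jwt.token'; // placeholder, not a real JWT
        }
        return false; // failure is false, never null
    }
}

// The check from the issue: is_null(false) is false, so failures get 200.
function statusWithIsNull(string|false $token): int
{
    return is_null($token) ? 401 : 200;
}

// Strict comparison against the value the guard returns on failure.
function statusWithStrictCheck(string|false $token): int
{
    return $token === false ? 401 : 200;
}

$seeded = new StubGuard(['a@example.test' => password_hash('correct', PASSWORD_DEFAULT)]);
$empty  = new StubGuard([]); // stands in for the truncated table

$cases = [
    'valid credentials' => [$seeded, ['email' => 'a@example.test', 'password' => 'correct']],
    'wrong password'    => [$seeded, ['email' => 'a@example.test', 'password' => 'wrong']],
    'truncated table'   => [$empty,  ['email' => 'a@example.test', 'password' => 'correct']],
];

foreach ($cases as $label => [$guard, $creds]) {
    $token = $guard->attempt($creds);
    printf("%-18s is_null: %d  strict: %d  body: %s\n",
        $label, statusWithIsNull($token), statusWithStrictCheck($token),
        json_encode(['token' => $token]));
}
```

For the two failing cases the is_null column shows 200 with a body of {"token":false}, which is also why Log::debug($token) printed nothing: false casts to an empty string.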

eznix86 commented 4 months ago

I think the guard should be 'api'