$user = \App\User::where("name", $req->us)->firstOrFail();
//add user to session
There are two approaches.
Approach 1. You can add both username password in the where condition.
If the username and password not matching, The error message will be like "Invalid Username and password"
Approach 2. (Your approach). Get the user record from the user table using
where("name", $req->us) and validate the password
if(Hash::check($user->password, $user->password)). The advantage in this approach is you can show the error message like below.
You can use any approach and from a security perspective you can go with the approach 1.