Geek Answers Handbook

How to configure CakePHP $ this-> Auth-> login () to use a user password

CakePHP v.2.4 ...

I am following this documentation trying to configure the Auth component to use my custom password hash class:

App::uses('PHPassPasswordHasher', 'Controller/Component/Auth');

class AppController extends Controller {

    // auth needed stuff
    public $components = array(
        'Session',
        'Cookie',
        'Auth'      => array(
            'authenticate'      => array(
                'Form'  => array(
                    'fields' => array('username'=>'email', 'password'=>'password'),
                    'passwordHasher'    => 'PHPass' 

                )
            ),

Inside my UserController :: login (), I debug the return from $this->Auth->login();and always returns false, even when I send the correct email address / password.

(NOTE: It seems strange to me that it login()does not accept any parameters, but the documents seem to imply that it automatically looks into the request data. And this makes sense if my configurations do not correctly call it to check the User.email field instead of the username .)

:

array(
    'User' => array(
        'password' => '*****',
        'email' => 'whatever@example.com'
    )
)

?

Update2

, . , , .

app/Controller/Component/Auth/PHPassPasswordHasher.php

<?php
App::import('Vendor', 'PHPass/class-phpass'); //<--this exists and defines PasswordHash class
class PHPassPasswordHasher extends AbstractPasswordHasher {

    public function hash($password) {
        $hasher = new new PasswordHash( 8, true );
        return $hasher->HashPassword($password);
    }

    public function check($password, $hashedPassword) {
        debug('PHPassHasher'); die('Using custom hasher'); //<--THIS NEVER HAPPENS!
        $hasher = new new PasswordHash( 8, true );
        return $hasher->CheckPassword($password, $hashedPassword);
    }

}

AHA! debug() ... , .

Update3

: , (Ex: "Simple", "Blowfish" ) . , , , , .

Update4

$this->settings /lib/Cake/Controller/Component/Auth/BaseAuthenticate.php, :

array(
    'fields' => array(
        'password' => 'password',
        'username' => 'email'
    ),
    'userModel' => 'User',
    'scope' => array(),
    'recursive' => (int) 0,
    'contain' => null,
    'passwordHasher' => 'PHPass'
)
+4
3

- , "PasswordHasher", "className".

:

<?php
App::import('Vendor', 'PHPass/class-phpass'); //<--this exists and defines PasswordHash class
class PHPassHasherPasswordHasher extends AbstractPasswordHasher {

    // functions

}

"", "SimplePasswordHasher".

, PHPassHasherPasswordHasher , , . , PHPassPasswordHasher ( classname 'PHPass').

EDIT. , Cake , (, PHPass), - :

<?php
App::import('Vendor', 'PHPass/class-phpass'); //<--this exists and defines PasswordHash class
class PhpassPasswordHasher extends AbstractPasswordHasher {

    // functions

}

... , : PhpassPasswordHasher.php.

SDP - !

+3

:

$components:

// Pass settings in $components array
public $components = array(
    'Auth' => array(
        'authenticate' => array(
            'Form' => array(
                'fields' => array(
                    'username' => 'email',
                    'password' => 'password'
                )
            )
        )
    )
);

+2

- . , / Cake. :

PHPassPasswordHasher.php --> PhpassPasswordHasher.php
class PHPassPasswordHasher... --> class PhpassPasswordHasher...

!

ps: @Ben Hitchcock .

+1
source

More articles:


All Articles