Hi, I've been trying a bunch of different configurations, but I believe this is the one that has me the closest. Since I've inherited a table of users with custom sha256 hashed passwords, I'm using hashPasswords() in my model, which does replace the password in $data with the correct (verified) hash.
function hashPasswords($data) { Security::setHash('sha256'); if (isset($data['Panels']['username'])) { $data['Panels']['password'] = Security::hash(Configure::read('Security.salt').$data['Panels'] ['password']); return $data; } return $data; } My challenge is this: when I attempt to login in thru my form, no attempt to actually login is made by the Auth component. Instead, I get the values submitted by the form with one exception. The password input now has the hashed value of password filled in the form. Manual attempts to login using $this->Auth->login($user) fail as well (return false)... However, The usernames and passwords match. ///*** HERE IS MY CONTROLLER SETUP ... I'm using /panels/login as the controller/method for logging in, and the user pw fields in my db are non-standard. ***/// var $helpers = array('Html', 'Form'); //Array of components used by Controller var $components = array( 'Auth' => array( 'loginAction' => array( 'controller' => 'panels', 'action' => 'login', 'plugin' => false, 'admin' => false, ), 'fields' => array( 'username' => 'user_id', 'password' => 'user_password', ), 'userModel' => 'User', 'authorize' => 'controller', 'allowedActions' => array('login','logout') ), 'Session', 'Cookie' ); function beforeFilter() { $this->Auth->authenticate = ClassRegistry::init('User'); parent::beforeFilter(); } function login() { //Where is the Auth Magic? } function logout() { //Leave empty for now. } function isAuthorized() { var_dump("this is running"); /// This never actually runs! UGH if ( !empty($this->data) && !empty($this->Auth->data['User']['username']) && !empty($this->Auth->data['User']['password']) ){ $user = $this->User->find('first', array('conditions' => array('User.user_id' => $this->Auth->data['Panels'] ['username'],'User.user_password' => $this->Auth->data['Panels'] ['password']), 'recursive' => -1 )); var_dump("check this out!----->>>>>>>>"); var_dump($this->Auth->login($user)); if (!empty($user) && $this->Auth->login($user)) { if ($this->Auth->autoRedirect) { return true; } }else{ $this->Session->setFlash($this->Auth->loginError, $this- >Auth->flashElement, array(), 'auth'); return false; } }else{ return false; } } ///*** HERE IS MY LOGIN FORM <div class = "auth"> <?php echo $this->Session->flash('auth'); // This displays nothing on the second instance form echo $this->Form->create('Panels'); echo $this->Form->input('username'); echo $this->Form->input('password'); echo $this->Form->end('Login'); ?> </div> $this->Auth->data['Panels']['username'] & $this->Auth->data['Panels'] ['password'] both contain values the second iteration thru login()... I am missing something, but I feel I am close. Any direction would very much be appreciated! Thanks, AdrianB -- Our newest site for the community: CakePHP Video Tutorials http://tv.cakephp.org Check out the new CakePHP Questions site http://ask.cakephp.org and help others with their CakePHP related questions. To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php