Re: Auth Component not hashing password
Why not validate before hashing the password? The article below outlines how to handle validation and comparing two password fields. Also handles things like unique username and email addresses. http://edwardawebb.com/programming/php-programming/cakephp/complex-validation-cakephp-12 On Jan 26, 11:52 am, Ivan wrote: > Is there any way to get the Auth component to hash the "confirm > password" input as well? I think that if the password's being hashed > for security reasons, then it's inconsistent not to be able to set the > option of hashing some other password type input. (I know it can > always be hashed with $this->Auth->password(), but I wonder if it > could be set to have it done "automagically", in cakephp terms). --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Auth Component not hashing password
Is there any way to get the Auth component to hash the "confirm password" input as well? I think that if the password's being hashed for security reasons, then it's inconsistent not to be able to set the option of hashing some other password type input. (I know it can always be hashed with $this->Auth->password(), but I wonder if it could be set to have it done "automagically", in cakephp terms). --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Auth Component not hashing password
Dang. It's a multiplie part form and someone changed the username field to 'disabled' from 'readonly'. Once we put a hidden form field in, the Auth component did it's magic. Something to note though for future reference. Thanks! On Dec 27, 9:40 pm, Primate wrote: > Are you sure that the username is also being submitted? Auth will only > auto-hash the password if both keys are present in $this->data. > > The solution is to check if $this->data["User"]["username"] exists and > determine whether or not confirm_passwords needs to be hashed. > > On Dec 27, 9:32 pm, papajoe wrote: > > > Is there any reason why the Auth component would NOT has the password. > > We had this working and suddenly the password is soming out as clear > > text. > > > We're using 1.2rc3 > > > This: > > > $this->data['Member']['password'] == $this->Auth->password($this->data > > ['Member']['confirm_password']) > > > fails since the password is not automatically hashed. > > > We have in our app_controller: > > > function beforeFilter() > > { > > if (isset($this->Auth)) > > { > > $this->Auth->userModel = 'User'; > > $this->Auth->loginAction = array('controller' => 'users', > > 'action' => 'login'); > > $this->Auth->autoRedirect = false; > > $this->Auth->fields = array('username' => 'username', > > 'password' => 'password'); > > $this->Auth->authorize = 'controller'; > > > } > > } --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Re: Auth Component not hashing password
Are you sure that the username is also being submitted? Auth will only auto-hash the password if both keys are present in $this->data. The solution is to check if $this->data["User"]["username"] exists and determine whether or not confirm_passwords needs to be hashed. On Dec 27, 9:32 pm, papajoe wrote: > Is there any reason why the Auth component would NOT has the password. > We had this working and suddenly the password is soming out as clear > text. > > We're using 1.2rc3 > > This: > > $this->data['Member']['password'] == $this->Auth->password($this->data > ['Member']['confirm_password']) > > fails since the password is not automatically hashed. > > We have in our app_controller: > > function beforeFilter() > { > if (isset($this->Auth)) > { > $this->Auth->userModel = 'User'; > $this->Auth->loginAction = array('controller' => 'users', > 'action' => 'login'); > $this->Auth->autoRedirect = false; > $this->Auth->fields = array('username' => 'username', > 'password' => 'password'); > $this->Auth->authorize = 'controller'; > > } > } --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---
Auth Component not hashing password
Is there any reason why the Auth component would NOT has the password. We had this working and suddenly the password is soming out as clear text. We're using 1.2rc3 This: $this->data['Member']['password'] == $this->Auth->password($this->data ['Member']['confirm_password']) fails since the password is not automatically hashed. We have in our app_controller: function beforeFilter() { if (isset($this->Auth)) { $this->Auth->userModel = 'User'; $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login'); $this->Auth->autoRedirect = false; $this->Auth->fields = array('username' => 'username', 'password' => 'password'); $this->Auth->authorize = 'controller'; } } --~--~-~--~~~---~--~~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to cake-php+unsubscr...@googlegroups.com For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~--~~~~--~~--~--~---