Re: Blowfish password hashing in 2.4.0-RC2 issues
Okay, I've finally managed to resolve the issue - but I'm not sure *why* it resolves the issue. I'd appreciate any input. Here's what I did: Note: my users table is named customer_users (with a habtm relationship with customer_orgs associated by 'customer_orgs_customer_users') In app/Model/User.php I have I debugged the post data and saw that in $this-request-data, my login fields were under the key -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups CakePHP group. To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscr...@googlegroups.com. To post to this group, send email to cake-php@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php. For more options, visit https://groups.google.com/groups/opt_out.
Re: Blowfish password hashing in 2.4.0-RC2 issues
Okay, I've finally managed to resolve this, it was a basic mistake. Here's what I did: I debugged the post data and saw that in $this-request-data, my login fields were under the key 'customer_users' (which is the name of my users table) Array ( [customer_users] = Array ( [username] = u...@domain.com [password] = abcdefg1234567 ) ) I had assumed that so long as there was a username and password field in my POST data, the login would work. In my login.ctp, I have the following code to generate my login form: echo $this-Form-create(), $this-Form-input('username'), $this-Form-password('password'), $this-Form-end(Log In); I changed it to the following: echo $this-Form-create('User'), $this-Form-input('username'), $this-Form-password('password'), $this-Form-end(Log In); .. and the logins now work. I didn't see any error specifying that the Auth component couldn't see any credentials in the post - it'd have saved me a lot of time. My users table has a habtm relationship with customer_orgs, is there a way to have the Auth component return data from linked tables? -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups CakePHP group. To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscr...@googlegroups.com. To post to this group, send email to cake-php@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php. For more options, visit https://groups.google.com/groups/opt_out.
Re: Blowfish password hashing in 2.4.0-RC2 issues
In response to my own question, setting recursive to 1 in the AppController Auth definition allowed me to pull in associated customer_orgs rows in the Auth-login() call. -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups CakePHP group. To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscr...@googlegroups.com. To post to this group, send email to cake-php@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php. For more options, visit https://groups.google.com/groups/opt_out.
Blowfish password hashing in 2.4.0-RC2 issues
Hi all, I'm new here and in the process of building my first CakePHP app, using a recently upgraded 2.3.5 2.4.0-RC2. I've managed to get the new BlowfishPasswordHasher working with my User model beforeSave() function, and can verify in the database that users are created with a blowfish hash in the password field. My issue is that the User model's login function is failing when trying to log in with the correct credentials. Here is my $components variable from AppController: public $components = array( 'Session', 'Security', 'Cookie', 'DebugKit.Toolbar', 'Auth' = array( 'loginAction' = array( 'controller' = 'users', 'action' = 'login' ), 'authError' = 'You must be logged in to view this page', 'loginError' = 'Invalid username/password combination', 'authenticate' = array( 'Form' = array( 'userModel' = 'User', 'passwordHasher' = 'Blowfish', ), ), 'loginRedirect' = array('controller' = 'DevelopmentPages', 'action' = 'index'), 'logoutRedirect' = array('controller' = 'users', 'action' = 'login'), ), ); This is my beforeSave from the User model: public function beforeSave($options = array()) { if(isset($this-data[$this-alias]['password'])) { $passwordHasher = new BlowfishPasswordHasher(); $this-data[$this-alias]['password'] = $passwordHasher-hash($this-data[$this-alias]['password']); } return true; } Is there something obvious that I am missing? Any pointers appreciated :) -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups CakePHP group. To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscr...@googlegroups.com. To post to this group, send email to cake-php@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php. For more options, visit https://groups.google.com/groups/opt_out.