Man, Cake is hard! I understood what you just said, and did the
following:
1. I set the salt setting to nothing (blank):
Configure::write('Security.salt', '');
2. I'm going to set the password to 'a', so in my login view I added
the following:
echo "Hashed password is " .
AuthComponent::password('a');
This gave me the following string, which I manually entered into the
database in the password field:
86f7e437faa5a7fce15d1ddcb9eaeaea377667b8 (so I found out Cake uses
SHA1 as default! Yeah learned something!)
3. I tried to login again, using the email as username I entered
before ("a") and the password ("a")... but no luck. Same error as
before.
Later, I added the following to my AppController which was suggested
in StackOverflow:
var $components = array('Session',
'Auth'=> array(
'authenticate' => array(
'Form' => array(
'fields' => array('username' =>
'email')
)
)
)
);
...and still no luck.
If this helps at all, this is my SQL export:
--
-- Table structure for table `users`
--
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`email` varchar(400) NOT NULL,
`password` varchar(150) NOT NULL,
`first_name` varchar(150) NOT NULL,
`last_name` varchar(150) NOT NULL,
`hotel_id` int(11) NOT NULL,
PRIMARY KEY (`id`),
UNIQUE KEY `email` (`email`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1 AUTO_INCREMENT=4 ;
--
-- Dumping data for table `users`
--
INSERT INTO `users` (`id`, `email`, `password`, `first_name`,
`last_name`, `hotel_id`) VALUES
(3, 'a', '86f7e437faa5a7fce15d1ddcb9eaeaea377667b8', '', '', 0);
Thanks again for all the help!
On Nov 7, 10:14 am, John <[email protected]> wrote:
> Perhaps I don't get what you say right but it still looks like exactly
> what I describe before. :-)
>
> If you have save the password it WILL NOT be hashed automatically, no
> matter if you use scaffolding or not. You must do it in code yourself.
> If you see the plain text password appearing in the database then
> that's the deal.
>
> In contrast when you use the login method the entered password is
> AUTOMATICALLY hashed and checked against the database (which has it
> stored as plain text so they won't match).
>
> The fastest route is to copy-paste the hashed password value appearing
> in the debug output in your database. That will let you test this and
> then you need to implement the hash before save code in the docs.
>
> PS. Capital is for emphasis not for SHOUTING!
>
> On Nov 7, 5:53 pm, Sandy Wilkins <[email protected]> wrote:
>
>
>
>
>
>
>
> > @John: Actually I created a new user via scaffolding, and the password
> > did not appear hashed in the database. But I did assure myself that
> > the user actually exists in the DB with the password I entered.
>
> > @Andras: I'll try this and let you know.
>
> > Thanks!
>
> > On Nov 6, 12:06 pm, John <[email protected]> wrote:
>
> > > You basically say what you do wrong :-)
>
> > > You try to login with the same password as that of the database? Nope!
> > > You need to either:
> > > Hash the password and store it in the database then try to login
> > > -or-
> > > Copy the already hashed password from the sql debug and insert it as
> > > is in the database.
>
> > > You should remember that in 2.0 auth automatically hashes the pass on
> > > login but not on save. Check the docs.
>
> > > On Nov 6, 4:01 am, Sandy Wilkins <[email protected]> wrote:
>
> > > > I'm trying to get a simple login form to work using CakePHP 2.0...
> > > > just Auth, no ACLs for now.
>
> > > > I'm able to see the form and enter the email and password as they are
> > > > in the database, but I just get returned to the form and the flash
> > > > error message is displayed. Here is my code:
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
[email protected] For more options, visit this group at
http://groups.google.com/group/cake-php
