I was having exactly the same issue, and by using the debug() function on
the variables used in the BlowfishAuthenticate class, I made the discovery
that my password field's length in my MySQL database table was too short.
I had been using 50 characters, but the Blowfish hashes are longer and by
comparing the hashes, I was missing about 8 chars. I increased the length
to 100 and tried creating new users and logging in and this appears to be
working now.
Also check that your user scope is set up in Auth and correct for each
user's record - that caught me out just now in testing :)
On Friday, 21 December 2012 21:25:24 UTC, Stafford wrote:
>
> Hello all,
>
> I've been struggling with getting bcrypt/blowfish to work with my login
> form and hope someone can point me in the right direction.
> I have a registration and login form. I've got the registration form to
> hash and store passwords using bcrypt in version 2.3. My hang up now is
> that I can't find any info or documentation describing how to check a login
> password against the stored password.
>
> Using User->Auth->login() generates an error. *"Invalid salt: for
> blowfish".*
> Ive used Security::setHash('blowfish') in my appController and understand
> the use of Security::hash(pass_string, 'blowfish', salted_string), but have
> no idea how to make this work with auth->login().
>
> Is there a setting/config file I need to update to tell Auth to use
> blowfish somehow?
>
> I appreciate help.
> Thank you.
>
--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
