I'm having the exact same problem. Here is BaseAuthenticate::_password()
which is called in BaseAuthenticate::_findUser(). (If you do some tracing,
starting at User->Auth->login(), you'll end up there).
protected function _password($password) {
return Security::hash($password, null, true);
}
As you can see, it doesn't provide the stored password for the third
parameter. There is a class
BlowfishAuthenticate<http://api.cakephp.org/2.3/class-BlowfishAuthenticate.html>that
I suspect solves this problem, but I haven't figured out how to
implement it properly.
On Sunday, April 7, 2013 1:13:53 PM UTC-5, Moawia wrote:
>
> Any help please !
>
> On Saturday, April 6, 2013 2:42:51 PM UTC+3, Moawia Almardoud wrote:
>>
>> Hi,
>>
>> I made the field varchar 250 ... but still no chance ...
>>
>> *Warning* (512): Invalid salt: 1 for blowfish Please visit
>> http://www.php.net/crypt and read the appropriate section for building
>> blowfish salts. [*CORE/Cake/Utility/Security.php*, line *278*]
>>
>>
>> any got solution for this issue ?
>>
>>
>> On Saturday, December 22, 2012 12:25:24 AM UTC+3, Stafford wrote:
>>>
>>> Hello all,
>>>
>>> I've been struggling with getting bcrypt/blowfish to work with my login
>>> form and hope someone can point me in the right direction.
>>> I have a registration and login form. I've got the registration form to
>>> hash and store passwords using bcrypt in version 2.3. My hang up now is
>>> that I can't find any info or documentation describing how to check a login
>>> password against the stored password.
>>>
>>> Using User->Auth->login() generates an error. *"Invalid salt: for
>>> blowfish".*
>>> Ive used Security::setHash('blowfish') in my appController and
>>> understand the use of Security::hash(pass_string, 'blowfish',
>>> salted_string), but have no idea how to make this work with auth->login().
>>>
>>> Is there a setting/config file I need to update to tell Auth to use
>>> blowfish somehow?
>>>
>>> I appreciate help.
>>> Thank you.
>>>
>>
--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
