You need to configure auth component in a different way if you're using
Blowfish. Please see http://stackoverflow.com/a/14538958
On Sunday, April 7, 2013 11:32:52 PM UTC+1, Branson Lilburn wrote:
>
> I'm having the exact same problem. Here is BaseAuthenticate::_password()
> which is called in BaseAuthenticate::_findUser(). (If you do some tracing,
> starting at User->Auth->login(), you'll end up there).
>
> protected function _password($password) {
> return Security::hash($password, null, true);
> }
>
> As you can see, it doesn't provide the stored password for the third
> parameter. There is a class
> BlowfishAuthenticate<http://api.cakephp.org/2.3/class-BlowfishAuthenticate.html>that
> I suspect solves this problem, but I haven't figured out how to
> implement it properly.
>
>
> On Sunday, April 7, 2013 1:13:53 PM UTC-5, Moawia wrote:
>>
>> Any help please !
>>
>> On Saturday, April 6, 2013 2:42:51 PM UTC+3, Moawia Almardoud wrote:
>>>
>>> Hi,
>>>
>>> I made the field varchar 250 ... but still no chance ...
>>>
>>> *Warning* (512): Invalid salt: 1 for blowfish Please visit
>>> http://www.php.net/crypt and read the appropriate section for building
>>> blowfish salts. [*CORE/Cake/Utility/Security.php*, line *278*]
>>>
>>>
>>> any got solution for this issue ?
>>>
>>>
>>> On Saturday, December 22, 2012 12:25:24 AM UTC+3, Stafford wrote:
>>>>
>>>> Hello all,
>>>>
>>>> I've been struggling with getting bcrypt/blowfish to work with my login
>>>> form and hope someone can point me in the right direction.
>>>> I have a registration and login form. I've got the registration form to
>>>> hash and store passwords using bcrypt in version 2.3. My hang up now is
>>>> that I can't find any info or documentation describing how to check a
>>>> login
>>>> password against the stored password.
>>>>
>>>> Using User->Auth->login() generates an error. *"Invalid salt: for
>>>> blowfish".*
>>>> Ive used Security::setHash('blowfish') in my appController and
>>>> understand the use of Security::hash(pass_string, 'blowfish',
>>>> salted_string), but have no idea how to make this work with auth->login().
>>>>
>>>> Is there a setting/config file I need to update to tell Auth to use
>>>> blowfish somehow?
>>>>
>>>> I appreciate help.
>>>> Thank you.
>>>>
>>>
--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
