Thanks Atomic.
@Moawia
BlowfishAuthenticate extends FormAuthenticate, so you can take
FormAuthenticate out of $components, and give the 'fields' array to
Blowfish. Also, I'd remove 'scope' unless you intend to use it.
On Monday, April 8, 2013 3:01:58 AM UTC-5, Moawia wrote:
>
> @Atomic
>
> Already add ...
>
> class UsersController extends Controller {
> public $components = array( 'Auth' => array(
> 'authenticate' => array(
> 'Blowfish' => array(
> 'scope' => array('User.is_active' => true)
> ),
> 'Form' => array(
> 'fields' => array('username' => 'email', 'password' =>
> 'password')
> )
> )
> ) , 'Session', 'Email','Security','DebugKit.Toolbar');
>
>
> But with no chance also!
>
> On Monday, April 8, 2013 10:56:56 AM UTC+3, Atomic Guava wrote:
>>
>> You need to configure auth component in a different way if you're using
>> Blowfish. Please see http://stackoverflow.com/a/14538958
>>
>> On Sunday, April 7, 2013 11:32:52 PM UTC+1, Branson Lilburn wrote:
>>>
>>> I'm having the exact same problem. Here is BaseAuthenticate::_password()
>>> which is called in BaseAuthenticate::_findUser(). (If you do some tracing,
>>> starting at User->Auth->login(), you'll end up there).
>>>
>>> protected function _password($password) {
>>> return Security::hash($password, null, true);
>>> }
>>>
>>> As you can see, it doesn't provide the stored password for the third
>>> parameter. There is a class
>>> BlowfishAuthenticate<http://api.cakephp.org/2.3/class-BlowfishAuthenticate.html>that
>>> I suspect solves this problem, but I haven't figured out how to
>>> implement it properly.
>>>
>>>
>>> On Sunday, April 7, 2013 1:13:53 PM UTC-5, Moawia wrote:
>>>>
>>>> Any help please !
>>>>
>>>> On Saturday, April 6, 2013 2:42:51 PM UTC+3, Moawia Almardoud wrote:
>>>>>
>>>>> Hi,
>>>>>
>>>>> I made the field varchar 250 ... but still no chance ...
>>>>>
>>>>> *Warning* (512): Invalid salt: 1 for blowfish Please visit
>>>>> http://www.php.net/crypt and read the appropriate section for building
>>>>> blowfish salts. [*CORE/Cake/Utility/Security.php*, line *278*]
>>>>>
>>>>>
>>>>> any got solution for this issue ?
>>>>>
>>>>>
>>>>> On Saturday, December 22, 2012 12:25:24 AM UTC+3, Stafford wrote:
>>>>>>
>>>>>> Hello all,
>>>>>>
>>>>>> I've been struggling with getting bcrypt/blowfish to work with my
>>>>>> login form and hope someone can point me in the right direction.
>>>>>> I have a registration and login form. I've got the registration form
>>>>>> to hash and store passwords using bcrypt in version 2.3. My hang up now
>>>>>> is
>>>>>> that I can't find any info or documentation describing how to check a
>>>>>> login
>>>>>> password against the stored password.
>>>>>>
>>>>>> Using User->Auth->login() generates an error. *"Invalid salt: for
>>>>>> blowfish".*
>>>>>> Ive used Security::setHash('blowfish') in my appController and
>>>>>> understand the use of Security::hash(pass_string, 'blowfish',
>>>>>> salted_string), but have no idea how to make this work with
>>>>>> auth->login().
>>>>>>
>>>>>> Is there a setting/config file I need to update to tell Auth to use
>>>>>> blowfish somehow?
>>>>>>
>>>>>> I appreciate help.
>>>>>> Thank you.
>>>>>>
>>>>>
--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email
to [email protected].
To post to this group, send email to [email protected].
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
