I will try this …
On Apr 8, 2013, at 7:37 PM, Branson Lilburn <[email protected]> wrote: Thanks Atomic. @Moawia BlowfishAuthenticate extends FormAuthenticate, so you can take FormAuthenticate out of $components, and give the 'fields' array to Blowfish. Also, I'd remove 'scope' unless you intend to use it. On Monday, April 8, 2013 3:01:58 AM UTC-5, Moawia wrote: @Atomic Already add ... class UsersController extends Controller { public $components = array( 'Auth' => array( 'authenticate' => array( 'Blowfish' => array( 'scope' => array('User.is_active' => true) ), 'Form' => array( 'fields' => array('username' => 'email', 'password' => 'password') ) ) ) , 'Session', 'Email','Security','DebugKit.Toolbar'); But with no chance also! On Monday, April 8, 2013 10:56:56 AM UTC+3, Atomic Guava wrote: You need to configure auth component in a different way if you're using Blowfish. Please see http://stackoverflow.com/a/14538958 On Sunday, April 7, 2013 11:32:52 PM UTC+1, Branson Lilburn wrote: I'm having the exact same problem. Here is BaseAuthenticate::_password() which is called in BaseAuthenticate::_findUser(). (If you do some tracing, starting at User->Auth->login(), you'll end up there). protected function _password($password) { return Security::hash($password, null, true); } As you can see, it doesn't provide the stored password for the third parameter. There is a class BlowfishAuthenticate that I suspect solves this problem, but I haven't figured out how to implement it properly. On Sunday, April 7, 2013 1:13:53 PM UTC-5, Moawia wrote: Any help please ! On Saturday, April 6, 2013 2:42:51 PM UTC+3, Moawia Almardoud wrote: Hi, I made the field varchar 250 ... but still no chance ... Warning (512): Invalid salt: 1 for blowfish Please visit http://www.php.net/crypt and read the appropriate section for building blowfish salts. [CORE/Cake/Utility/Security.php, line 278] any got solution for this issue ? On Saturday, December 22, 2012 12:25:24 AM UTC+3, Stafford wrote: Hello all, I've been struggling with getting bcrypt/blowfish to work with my login form and hope someone can point me in the right direction. I have a registration and login form. I've got the registration form to hash and store passwords using bcrypt in version 2.3. My hang up now is that I can't find any info or documentation describing how to check a login password against the stored password. Using User->Auth->login() generates an error. "Invalid salt: for blowfish". Ive used Security::setHash('blowfish') in my appController and understand the use of Security::hash(pass_string, 'blowfish', salted_string), but have no idea how to make this work with auth->login(). Is there a setting/config file I need to update to tell Auth to use blowfish somehow? I appreciate help. Thank you. -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/cake-php?hl=en. For more options, visit https://groups.google.com/groups/opt_out. -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To post to this group, send email to [email protected]. Visit this group at http://groups.google.com/group/cake-php?hl=en. For more options, visit https://groups.google.com/groups/opt_out.
