Well, I had a chat with Gwoo yesterday about this. Actually the
security object accepts 3 hash methods: sha1 (default), md5 and
sha256.
The idea, with a derived Auth, is to declare var $hashMethod = 'sha1';
Overwrite the hashPassword function with:
function hashPassword($password)
{
    // Hash the session string + password with the configured method
    return Security::hash(CAKE_SESSION_STRING . $password, $this->hashMethod);
}
This is the idea; you can set $hashMethod in beforeFilter, for
example. Of course you depend on the methods handled by the security
class (the 3 mentioned above so far).
Actually I have tested this by modifying, for test purposes, the Auth
component itself. But that should be easy in a derived component
(I have to test this though...)
Let me know about your progress
On Jul 20, 10:28 pm, "[EMAIL PROTECTED]"
<[EMAIL PROTECTED]> wrote:
> Can you provide more information on how you overwrote the hash method
> (Auth::password()) in AuthComponent *without* actually touching the
> cakephp core code?
>
> I've been tearing my hair out attempting to do this. I would think you
> could create a component (e.g., CustomAuth) and override the method,
> but, alas, this doesn't appear to work like I think it should.
>
> On Jul 12, 7:41 am, francky06l <[EMAIL PROTECTED]> wrote:
>
> > Hi bakers,
>
> > Just wanted to share my experience of integrating the Auth component
> > into a non-finished application in cake12.
> > Overall, the component is great and easy to implement, however I had
> > to deal with some "tricky" features.
>
> > First the application context:
>
> > I have users spread out in different centers. Basically a user belongs
> > to a center. I have then a "Center" model and a "User" model. User
> > belongsTo a Center.
> > I can have a user "John Smith" in center A, and another "John Smith"
> > in center B. Thus on login screen a field "Center name" is also
> > captured. I can also disable a complete center, meaning that every
> > user of this center would fail to login.
>
> > Using the Auth component, I have set the following in my login
> > function :
>
> > if (!empty($this->data))
> > {
> >     // Add the Center checks
> >     $this->Auth->userScope = array(
> >         'Center.disabled' => 0,
> >         'Center.name'     => $this->data['Center']['name']);
> >
> >     if (!$this->Auth->login($this->data))
> >     {
>
> > That should do the trick I thought ... well not exactly. That does not
> > work because the Auth component includes a -1 as the recursive flag for
> > the call to User->find.
> > Workaround : I have added a $recursive variable to the component and
> > initialized it to -1. Now I just have to add $this->Auth->recursive =
> > 1; prior to the Auth->login call.
>
> > Second "small" problem, I need to keep in the Session some fields of
> > the Center record. For now, the login function of the Auth stores only
> > $data['User'].
> > I did solve this, in a "dirty way" by changing the return of the
> > identify function :
>
> > return $this->recursive > 0 ? $data : $data[$this->userModel];
>
> > I am sure the above might give me some problems later, feel free to
> > give me hints.
>
> > Another problem that I faced, was the default hash parameters to use.
> > My DB already had some user passwords hashed using md5.
> > I did add a variable called $hashMethod in the component, and
> > initialized to 'sha1', I can then override the variable if I need
> > something else. I also added a $hashPrefix initialized to the
> > CAKE_SESSION_STRING, and I can override it.
> > The password function is modified as :
>
> > function password($password) {
> >     // Use the component's own prefix and method properties
> >     return Security::hash($this->hashPrefix . $password, $this->hashMethod);
> > }
>
> > The hashPasswords implemented into the startup function gave me some
> > trouble as well. I have a "changeDetail" function used by any user to
> > change their details as well as their password. I have set a control
> > to enforce the password strength such as at least 6 different
> > characters among them 2 digits.
> > This rule can't be verified anymore since the startup function will
> > "hash" my password prior to my verification.
> > For now the workaround is to use another field than "password" in
> > the view and just add the "password" ($this->data['User']['password']
> > = $this->Auth->password($this->data['User']['passtrick'])) prior to
> > save.
> > This is not really "elegant", maybe an "enable/disable" method (or an
> > array of controller/view to avoid the call to hashPasswords) could be
> > implemented into the Auth ?
>
> > That's about it for now. Do not get me wrong, I know I have listed
> > mainly problems but the Auth is a great component. I could work without
> > the Auth component since my application requires login for every
> > action (except the login / logout actions of course), but my main
> > interest is to link it with the cake12 ACL (next step).
>
> > Again, some of the above might be due to my misunderstanding of the
> > component, please feel free to suggest or comment.
>
> > Thanks
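
Added example, not part of the original thread and not CakePHP code: the two password points discussed above (a selectable hash method limited to sha1/md5/sha256, and checking the strength rule on a separate 'passtrick' field before hashing) in plain PHP. The built-in hash() stands in for Security::hash(), SALT_PREFIX for CAKE_SESSION_STRING, and the function names and sample passwords are constructed for illustration.

```php
<?php
// Added example: plain PHP, no CakePHP loaded. hash() stands in for
// Security::hash() and SALT_PREFIX for CAKE_SESSION_STRING (constructed value).
const SALT_PREFIX = 'constructed-session-string';
const ALLOWED_METHODS = ['sha1', 'md5', 'sha256']; // the three named in the thread

// Prefix + password, hashed with a method checked against an allowlist so a
// mistyped or externally supplied value cannot select some other algorithm.
function hashPassword(string $password, string $method = 'sha1'): string
{
    if (!in_array($method, ALLOWED_METHODS, true)) {
        throw new InvalidArgumentException("Unsupported hash method: $method");
    }
    return hash($method, SALT_PREFIX . $password);
}

// One reading of the thread's rule: at least 6 different characters, at least
// 2 of them digits. It has to see the plaintext, so it runs before hashing.
function isStrongPassword(string $plain): bool
{
    $chars = array_unique(preg_split('//u', $plain, -1, PREG_SPLIT_NO_EMPTY) ?: []);
    $digits = array_filter($chars, 'ctype_digit');
    return count($chars) >= 6 && count($digits) >= 2;
}

// The 'passtrick' flow: the form never posts a field named 'password', so
// nothing hashes it early; validate first, then hash and drop the plaintext.
function prepareUserForSave(array $data, string $method): array
{
    $plain = $data['User']['passtrick'] ?? '';
    if (!isStrongPassword($plain)) {
        throw new DomainException('Password does not meet the strength rule');
    }
    $data['User']['password'] = hashPassword($plain, $method);
    unset($data['User']['passtrick']);
    return $data;
}

// Compare a login attempt with a stored hash in constant time.
function matchesStored(string $attempt, string $stored, string $method): bool
{
    return hash_equals($stored, hashPassword($attempt, $method));
}

// Constructed sample: a row written by the older md5-based application.
$legacy = hashPassword('c0nstructed-Pw7', 'md5');
var_dump(matchesStored('c0nstructed-Pw7', $legacy, 'md5'));  // same method
var_dump(matchesStored('c0nstructed-Pw7', $legacy, 'sha1')); // wrong method
$saved = prepareUserForSave(['User' => ['passtrick' => 'n3w-Passw0rd9']], 'sha256');
var_dump(array_keys($saved['User']));
```

The site-wide prefix is the only salt in this scheme, so two users with the same password get the same stored hash under any of the three methods.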