dpjr86761 2014-08-14 14:02
浏览 30
已采纳

Blowfish密码Hasher不允许登录

In cakephp have changed from simplePasswordHasher to BlowfishPasswordHasher . I add the following code and comment out all refernces to the old simplehasher method but I cant login. I can create a new user with BlowfishPasswordHasher but logins now dont work?

The link below didnt fix the problem as I just cant login but I can see the new user with correct salted password

CakePHP - How do I implement blowfish hashing for passwords?

http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html

//userscontroller
public function login() {
    if ($this->request->is('post')) {
        if ($this->Auth->login()) {
           return $this->redirect($this->Auth->redirectUrl()); //for 2.3 and above versions, docs are old

        }
        $this->Session->setFlash(__('Invalid username or password, try again'));
    }
}  

//user
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');

public function beforeSave($options = array()) {
    if (isset($this->data[$this->alias]['password'])) {
        $passwordHasher = new BlowfishPasswordHasher();
        $this->data[$this->alias]['password'] = $passwordHasher->hash(
            $this->data[$this->alias]['password']
        );
    }
    return true;
}

//new user
  <?php echo $this->Form->create('User'); ?>
    <h2><?php echo __('Add User2'); ?></h2>
    <?php
    echo $this->Form->input('username');
    echo $this->Form->input('password');

//in appcontroller public $components = array( "Email", 'Session', 'Auth');

public function beforeFilter() {

        $this->Auth->authError = 'You cant access this page';
        $this->Auth->loginRedirect= array('controller' => 'users', 'action' => 'dashboard');
        $this->Auth->logoutRedirect= array('controller' => 'users','action' => 'login'  );
        $this->Auth->authorize= array('Controller');
        $this->Auth->unauthorizedRedirect=  '/users/dashboard'; 
        $this->set("logged_in", $this->Auth->loggedIn())

//user model
    public $validate = array(
        'username' => array(
            'required' => array(
                'rule' => array('notEmpty'),
                'message' => 'A username is required'
            )
        ),
        'password' => array(
            'required' => array(
                'rule' => array('notEmpty'),
                'message' => 'A password is required'
            )
        )
  • 写回答

1条回答 默认 最新

  • duanmiyang6201 2014-08-14 14:25
    关注

    You haven't configured Auth to use BlowfishPasswordHasher so it's still uses the default hasher. Specify the passwordHasher key as shown in eg. here.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥50 安装pyaudiokits失败
  • ¥15 计组这些题应该咋做呀
  • ¥60 更换迈创SOL6M4AE卡的时候,驱动要重新装才能使用,怎么解决?
  • ¥15 让node服务器有自动加载文件的功能
  • ¥15 jmeter脚本回放有的是对的有的是错的
  • ¥15 r语言蛋白组学相关问题
  • ¥15 Python时间序列如何拟合疏系数模型
  • ¥15 求学软件的前人们指明方向🥺
  • ¥50 如何增强飞上天的树莓派的热点信号强度,以使得笔记本可以在地面实现远程桌面连接
  • ¥20 双层网络上信息-疾病传播