dongli8979 2017-04-05 12:38
浏览 30

cakephp 3-哈希密码在比较时不匹配

CakePHP version: 3.3.5

I'm building a simple system using which users can login (using a email and password) and after login they can change their password.

For this, I'm using DefaultPasswordHasher

I had a few users already in my db. Their record were already present. So when I did the login function, it worked. I compared the password the user enters with the hased password already present in the db. The check was successful and user was able to login.

Now after login, I wrote change password function, which updated the user password. New hash string replaced the old password string but when I try to login again, login fails.

I will share my controller here. It's pretty basic.

namespace Api\Controller;
use Cake\Utility\Security;
use Cake\Utility\Hash;
use Cake\Auth\DefaultPasswordHasher;
use Api\Controller\AppController;

class LoginController extends AppController
    public function initialize()

    //Function to reset the password
    public function resetPassword()
        $pass   = $this->request->data['pass'];
        $hasher = new DefaultPasswordHasher();
        $hashedPass = $hasher->hash($pass);

        //save it to db
        $responseArray      = $this->Login->resetPassword($hashedPass); 
        $this->set('_serialize', ['responseArray']);

     //Function to login
     public function login()
        if ($this->request->is('post')) 
            //Password submitted via form
            $pass   = $this->request->data['pass'];

            //Hashed password fetched from db via a function call
            $actualPassword = 'hashedPasswordString'

            //Compare password submitted and hash from db
                $result = 'password matched';
                $result = 'password doesnot match';
        $this->set('_serialize', ['result']);       

    //Function to compare password and hash
    public function checkPassword($passedPassword , $actualPassword) 
        if ((new DefaultPasswordHasher)->check($passedPassword, $actualPassword)) {
            return true;
        } else {
            return false;


Can anyone tell me why the passwords don't match. I'm new to CakePHP framework. Thanks in advance!

  • 写回答

2条回答 默认 最新

  • dongzhou1901 2017-04-05 20:03

    This is what my reset password workflow looks like. I cannot tell from your post what your entity and table look like.

    Anytime posted data is converted into a user entity it will now be hashed


    public function password($id = null)
        $user = $this->Users->get($id, [
            'fields' => ['id', 'first_name', 'last_name', 'username']
        if ($this->request->is('put')) {
            if ($this->request->data['password'] == $this->request->data['password2']) {
                $this->Users->patchEntity($user, ['password' => $this->request->data['password']]);
                $this->Flash->success('Password has been updated');
                return $this->redirect('/admin/users/password/' . $id);
            } else {
                $this->Flash->error('Passwords do not match');


    protected function _setPassword($password)
        if (strlen($password) > 0) {
            return (new DefaultPasswordHasher)->hash($password);
    本回答被题主选为最佳回答 , 对您是否有帮助呢?



  • ¥15 html5 qrcode 扫描器
  • ¥15 爬取网页信息并保存需要完整代码
  • ¥15 一分十不等功分器阻设计问题,请问这个56Ω怎么得到的
  • ¥15 (标签-matlab)
  • ¥100 求看看这个数学建模,有偿
  • ¥15 深度学习目标检测现在框架加注意力的创新可以投几区?
  • ¥15 PdfiumViewer pdf转图片
  • ¥15 利用Java连接API接口总是出问题
  • ¥15 请教一个关于镜头标定,棋盘格格子大小的问题(畸变测试)
  • ¥15 安装GroudingDINO RuntimeError: Error compiling objects for extension