CakePHP 2x Auth->login

0
votes

I just can't login with $this->Auth->login() function ... I follow some tutorial and do everything but when I submit the form it shows password and username error .. although I check the password it's encrypted and match the database password...

any Ideas?? ... thanks in advance

this is my UsersController

    <?php

    App::uses('AppController', 'Controller');

    class UsersController extends AppController {

        public $components = array('Paginator');

        public function beforeFilter() {
             parent::beforeFilter(); 
             $this->Auth->allow('add');
             $this->Auth->deny('index');
        }
        public function login() {
            if($this->Session->read('Auth.User')){
                $this->redirect($this->Auth->redirect());
            }
            if ($this->request->is('post')) {
                print_r($this->request->data['User']['password']);
                $encPassword = AuthComponent::password($this->request->data['User']['password']);
                $this->request->data['User']['password'] = $encPassword;
                print_r($this->request->data['User']['password'].' - '.$this->request->data['User']['username']);
                //print_r($_SESSION);
                if ($this->Auth->login()) {
                    return $this->redirect($this->Auth->redirect());
                }
                $this->Session->setFlash(__('Invalid username or password, try again'));
            }
        }

        public function logout() {
            return $this->redirect($this->Auth->logout());
        }

       public function add() {
            if ($this->request->is('post')) {
                $this->User->create();
                if ($this->User->save($this->request->data)) {
                    $this->Session->setFlash(__('The user has been saved'));
                    return $this->redirect(array('controller' => 'pages','action' => 'home'));
                }
                $this->Session->setFlash(__('The user could not be saved. Please, try again.'));
            }
        }

        public function index() {
            $this->User->recursive = 0;
            $this->set('users', $this->Paginator->paginate());
        }

        public function view($id = null) {
            if (!$this->User->exists($id)) {
                throw new NotFoundException(__('Invalid user'));
            }
            $options = array('conditions' => array('User.' . $this->User->primaryKey => $id));
            $this->set('user', $this->User->find('first', $options));
        }

        public function edit($id = null) {
            if (!$this->User->exists($id)) {
                throw new NotFoundException(__('Invalid user'));
            }
            if ($this->request->is(array('post', 'put'))) {
                if ($this->User->save($this->request->data)) {
                    $this->Session->setFlash(__('The user has been saved.'));
                    return $this->redirect(array('action' => 'index'));
                } else {
                    $this->Session->setFlash(__('The user could not be saved. Please, try again.'));
                }
            } else {
                $options = array('conditions' => array('User.' . $this->User->primaryKey => $id));
                $this->request->data = $this->User->find('first', $options);
            }
        }

        public function delete($id = null) {
            $this->User->id = $id;
            if (!$this->User->exists()) {
                throw new NotFoundException(__('Invalid user'));
            }
            $this->request->allowMethod('post', 'delete');
            if ($this->User->delete()) {
                $this->Session->setFlash(__('The user has been deleted.'));
            } else {
                $this->Session->setFlash(__('The user could not be deleted. Please, try again.'));
            }
            return $this->redirect(array('action' => 'index'));
        }
    }

?>

and this my User model

<?php

    App::uses('AppModel', 'Model');

    class User extends AppModel {
        public $validate = array(
            'username' => array(
                'required' => array(
                    'rule' => array('notEmpty'),
                    'message' => 'A username is required'
                )
            ),
            'password' => array(
                'required' => array(
                    'rule' => array('notEmpty'),
                    'message' => 'A password is required'
                )
            )
        );

        public function beforeSave($options = array()) {  
            if (isset($this->data[$this->alias]['password'])) {
                $this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);
            }
            return true;
        }
    }

?>

this my AppController

<?php

App::uses('Controller', 'Controller');

class AppController extends Controller {

    public $helpers = array('Seo');

    public $components = array(
        'Session',
        'Auth' => array(
            'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
            'logoutRedirect' => array('controller' => 'pages', 'action' => 'home')
        ),
        'Do',
        'Images'
    );

    public function beforeFilter() {
        $this->Auth->allow('index', 'display', 'view');
    }

}

this my login forms page

<div>
<header><?php echo __('usersaccessform');?></header>
<?php 
    echo $this->Form->create('User');
    echo $this->Form->input('User.username',array('type'=>'text'));
    echo $this->Form->input('User.password',array('type'=>'password'));
    echo $this->Form->end(__('submit'));
?>
</div>
1
cakephpauthenticationlogincomponents
Almost certainly because of this $this->request->data['User']['password'] = $encPassword; - the concequence of that is the password is being encrypted twice when it's compared to the value in the db. - AD7six

1 Answers

0
votes

the problem is in the encryptacion of your passwords, see if you're doing a beforesave and also are making a encryption when saving is like you are doing a double encryption of your password and password that you log in to verify if they are the same in your DB

UsersController

    public function beforeFilter() {
        parent::beforeFilter();
    }
    public function login() {
        if($this->Session->read('Auth.User')){
            $this->redirect($this->Auth->redirect());
        }
        if ($this->request->is('post')) {
            if ($this->Auth->login()) {
                return $this->redirect($this->Auth->redirect());
            }
            $this->Session->setFlash(__('Invalid username or password, try again'));
        }
    }

User model

 public function beforeSave($options = array()) {
    // hash our password

    if (!$this->id) {
        $passwordHasher = new SimplePasswordHasher();
        $this->data['User']['password'] = $passwordHasher->hash($this->data['User']['password']);
    }
    return true;
}

AppController

public function beforeFilter() {
    Security::setHash('sha1');
    $this->Auth->allow('index', 'display', 'view');
}

In your database right is that the password field is varchar (30)