CakePHP 2.3.1 Auth Component

0
votes

I've recently been pouring over some CakePHP tutorials on the Auth Component, and am using this for reference: http://miftyisbored.com/a-complete-login-and-authentication-application-tutorial-for-cakephp-2-3/

My Cake version is 2.3.1

I'm using Firebug for debugging. The database passwords are hashing right, and I can Register and new user just fine, however logging in is a different story. When I try to access a page that requires Authentication, I get the login page, enter a valid user/pass, and it redirects me right back to the login page. In firebug the POST header is 200 OK and just returns the login page again. I'm guessing I may have something wrong with my session config or something, as if the session isn't being looked up. Here's my UsersController.php:

<?php
class UsersController extends AppController {
    public $name = 'Users';
    public $helpers = array('Html','Form');

    public function beforeFilter() {
            parent::beforeFilter();
            $this->Auth->allow('add', 'login');
        }


    public function login() {

            //if already logged-in, redirect
            if($this->Session->check('Auth.User')){
                $this->redirect(array('controller'=>'admin','action' => 'admin_index'));      
            }

            // if we get the post information, try to authenticate
            if ($this->request->is('post')) {
                if ($this->Auth->login()) {
                    $this->Session->setFlash(__('Welcome, '. $this->Auth->user('username')));
                    $this->redirect($this->Auth->redirectUrl());
                } else {
                    $this->Session->setFlash(__('Invalid username or password'));
                }
            } 
        }


    public function logout() {
        return $this->redirect($this->Auth->logout());
    }

    public function index() {
        $this->User->recursive = 0;
        $this->set('users', $this->paginate());
    }

    public function view($id = null) {
        $this->User->id = $id;
        if (!$this->User->exists()) {
            throw new NotFoundException(__('Invalid user'));
        }
        $this->set('user', $this->User->read(null, $id));
    }

    public function add() {
        if ($this->request->is('post')) {
            $this->User->create();
            if ($this->User->save($this->request->data)) {
                $this->Session->setFlash(__('The user has been saved'));
                return $this->redirect(array('action' => 'login'));
            }
            $this->Session->setFlash(
                __('The user could not be saved. Please, try again.')
            );
        }
    }

    public function edit($id = null) {
        $this->User->id = $id;
        if (!$this->User->exists()) {
            throw new NotFoundException(__('Invalid user'));
        }
        if ($this->request->is('post') || $this->request->is('put')) {
            if ($this->User->save($this->request->data)) {
                $this->Session->setFlash(__('The user has been saved'));
                return $this->redirect(array('action' => 'index'));
            }
            $this->Session->setFlash(
                __('The user could not be saved. Please, try again.')
            );
        } else {
            $this->request->data = $this->User->read(null, $id);
            unset($this->request->data['User']['password']);
        }
    }

    public function delete($id = null) {
        $this->request->onlyAllow('post');

        $this->User->id = $id;
        if (!$this->User->exists()) {
            throw new NotFoundException(__('Invalid user'));
        }
        if ($this->User->delete()) {
            $this->Session->setFlash(__('User deleted'));
            return $this->redirect(array('action' => 'index'));
        }
        $this->Session->setFlash(__('User was not deleted'));
        return $this->redirect(array('action' => 'index'));
    }

}
?>

My Model seems to be working ok, but I can provide any additional code if this isn't where my error is at! Thanks bunches!

1
phpcakephpauthentication

1 Answers

0
votes

the problem is in the encryptacion of your passwords, see if you're doing a beforesave and you need make a encryption when saving and password that you log in to verify if they are the same in your DB

User model

 public function beforeSave($options = array()) {
    // hash our password

    if (!$this->id) {
        $passwordHasher = new SimplePasswordHasher();
        $this->data['User']['password'] = $passwordHasher->hash($this->data['User']['password']);
    }
    return true;
}

AppController

public function beforeFilter() {
    Security::setHash('sha1');
    $this->Auth->allow('index', 'display', 'view');
}

In your database for the password the right is varchar (30)