Cakephp Overwrite authentication hash

Question

I am trying to implement the custom hashing on password before saving into the database. This is a limitation of my app, to hash the passwords i use a random key, know as saltpassword, i apply the md5 on user password and than concatenate the hashed password with saltpassword and again apply md5 hash on the result, and save the password and salt password in the database.

Now i am struggle to login, i have an idea that i need to overwrite the cake password hasher.is it correct? please guide me to fix this solution that where i need to what to get access on the login.

Regards

floriank floriank · Accepted Answer · 2014-09-11T23:06:27

See http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#configuring-authentication-handlers

Define your password hasher in the auth options array and implement it and put it in app/Controller/Component/Auth/.

class MyPasswordHasher extends AbstractPasswordHasher {
    public function hash($password) {
        /* Your logic here */
    }
    public function check($password, $hashedPassword) {
        /* Your logic here */
    }
}

Just look at the existing hasher in the CakePHP core. It is always a good idea to look at how the core does things, especially for adapter classes.

Cakephp Overwrite authentication hash

1 Answers