0
votes

I am trying to add auth to my cakephp app using the tutorial here: http://www.endyourif.com/login-system-with-cakephp-in-under-10-minutes/

I have changed the code slightly from the tutorial as my users table has 'username' and 'password' columns instead of 'email'

It is for a control panel so the whole thing needs to be passworded, don't need per controller access etc.

When I use the form to login it gives me "Login failed. Invalid username or password." from $session->flash('auth'); - Does this mean it's working, but it just can't find the user table row?

I have tried to hash the passwords in the database in case that's why it's not matching them.

Here is my app controller:

<?php
class AppController extends Controller {

    var $helpers = array('Html', 'Javascript', 'Form', 'Session', 'AutoJavascript', 'Cache');
    var $components = array('Session', 'Auth', 'Cookie'); // Adding an email class conflicts with the email controller

    function beforeFilter() {

        $this->Auth->userModel = 'User';
        $this->Auth->loginAction = array('admin' => false, 'controller' => 'users', 'action' => 'login');
        $this->Auth->loginRedirect = array('controller' => 'users', 'action' => 'index');
        $this->Auth->allow('*');


    }

}
?>

Is there something wrong in the tutorial?

Sorry, no demo available.

Thanks!

2
How did you create your initial username and password? - OldWest
I inserted it manually into the database, only filling in the username and password fields - both are "test", unhashed. - 472084

2 Answers

1
votes

As other people suggest, it's not a good idea to insert your password in the database directly. The reason is that when you use the Auth component, it hashes the passwords with the Salt from the config.php, which you obviously don't include when creating a record from phpMyAdmin.

Just go to and bake the users table Model, Controller and Views. Then disable the security for the first time and create the first user. Then force the authentication and try to login. I believe this would do the trick.

Also bear in mind that when you move your users to another server, e.g. when you are doing a migration, you need to keep the old Salt string, otherwise users won't be able to log in on the new site.

0
votes

Check the actual database value of the password and make sure the password is being correctly hashed.

Additionally, you might want to double-check you're passing the correct data in the login method; do a var_dump($this->data); to double-check everything is in order.
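
Both answers come down to comparing the value stored in the password column with what Auth would compute for the submitted password. The following is an added example, not code from the thread or from CakePHP itself; it assumes the CakePHP 1.x default of SHA-1 over Security.salt concatenated with the password, and the function names and salt strings are hypothetical.

```php
<?php
// Assumption: CakePHP 1.x defaults, where AuthComponent hashes the submitted
// password as sha1(Security.salt . password) before comparing it to the column.
function cake1_auth_hash(string $password, string $salt): string {
    return sha1($salt . $password);
}

// Classify a stored password column value against what Auth would compute.
function diagnose_stored_password(string $stored, string $password, string $salt): string {
    $expected = cake1_auth_hash($password, $salt);
    if (hash_equals($expected, $stored)) {
        return 'ok: salted hash matches, login would succeed';
    }
    if ($stored === $password) {
        return 'plaintext: row was inserted unhashed, Auth can never match it';
    }
    if (hash_equals(sha1($password), $stored)) {
        return 'unsalted: hashed outside the app without Security.salt';
    }
    if (preg_match('/^[0-9a-f]{40}$/', $stored)) {
        return 'mismatch: SHA-1 shaped, but a different salt or password was used';
    }
    return 'unknown: value is not a SHA-1 hex digest';
}

// Constructed sample values; the salts are placeholders, not real config.
$salt    = 'EXAMPLE-SALT-FROM-APP-CONFIG';
$oldSalt = 'EXAMPLE-SALT-FROM-OLD-SERVER';
$rows = array(
    'typed into phpMyAdmin'      => 'test',
    'SHA1() run in SQL'          => sha1('test'),
    'created through the app'    => cake1_auth_hash('test', $salt),
    'migrated from other server' => cake1_auth_hash('test', $oldSalt),
);
foreach ($rows as $label => $stored) {
    printf("%-28s %s\n", $label . ':', diagnose_stored_password($stored, 'test', $salt));
}
```

Only the row created through the app reports a match; the plaintext row, the row hashed without the salt, and the row hashed under the other server's salt all fail in the way the answers describe.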