我制作了一个简单的日志系统,但它没有登录(CakePHP 3.3)。密码保存为哈希值,例如:
$2y$10$tKUu6KUzrHwqTR5FD0YpaegFHkaoFOWViAtvijJpSQxxJ.E1WFPMu
登录操作无法识别用户。我的控制器和行动:
UsersController.php:
public function login()
{
if ($this->request->is('post')) {
debug($this->request->data);
debug($this->Auth->identify());
$user = $this->Auth->identify();
if ($user) {
$this->Auth->setUser($user);
return $this->redirect($this->Auth->redirectUrl());
} else {
$this->Flash->error(__('Username or password is incorrect'), [
'key' => 'auth'
]);
}
}
}
AppController.php:
public function initialize()
{
parent::initialize();
$this->loadComponent('RequestHandler');
$this->loadComponent('Flash');
//$this->loadComponent('Security');
//$this->loadComponent('Csrf');
$this->loadComponent('Auth', [
'authenticate', [
'Form' => [
'fields' => ['username'=>'email', 'password'=>'password'],
'userModel' => 'Users',
'passwordHasher' => 'Default'
]
],
'loginAction' => [
'controller' => 'Users',
'action' => 'login'
],
'loginRedirect' => ['controller'=>'Users', 'action'=>'dashboard'],
'logoutRedirect' => ['controller'=>'Users', 'action'=>'login'],
'authError' => __('You do not have permission to access.'),
'storage' => 'Session'
]);
}
User.php实体:
class User extends Entity
{
protected $_accessible = [
'*' => true,
'id' => false
];
protected $_hidden = [
'password'
];
protected function _setPassword($password) {
return (new DefaultPasswordHasher)->hash($password);
}
}
login.ctp:
<h1>login</h1>
<?php
echo $this->Flash->render();
echo $this->Flash->render('auth');
echo $this->Form->create();
echo $this->Form->input('email');
echo $this->Form->input('password');
echo $this->Form->button('entrar');
echo $this->Form->end();
第一个debug()返回纯文本密码和电子邮件。第二个debug()返回false。
我错过了什么?
答案 0 :(得分:0)
我发现了问题。 loadComponent上的数组格式。 正确的格式是:
'authenticate' => [
'Form' => [
答案 1 :(得分:0)
验证字段大小是否设置为255(varchar) 哈希应该如下所示:
“$ 2Y $ 10 $ i4Jnip3WBBxyb7gkm.WjoOe200XSMz / MGL9oZCeupDaeQ0I0fuba6”