散列密码和AuthComponent

时间:2012-01-01 23:03:00

标签: authentication hash login cakephp-2.0

我正在尝试登录我的CakePHP 2.0应用程序,但我总是遇到登录错误。 在官方documentationtutorial我已经阅读了如何散列密码,但我仍然遇到登录错误,这就是我的做法:

// Users Model
public function beforeSave ($options = array ()) {
    $this->data['User']['password'] = AuthComponent::password($this->data['User']['password']);
    return true;
}

// Users Controller
public $components = array ('Acl', 'Session',
    'Auth' => array (
    'authenticate' => array (
        // login e logout sono di default i seguenti controller e views
        // 'loginRedirect' => array ('controller' => 'users', 'action' => 'login'),
        // 'logoutRedirect' => array ('controller' => 'users', 'action' => 'logout'),
        'Form' => array (
            'fields' => array (
            // il valore default 
                'username' => 'email'
            ),
            'scope' => array (
                'User.active' => 1
            )
        )
    ),
    'authError' => 'Login error message I get'
));

public function login () {
    if ($this->request->is('post')) { // if the request came from post data and not via http (useful for security)
         // the password is hashed in User Model in beforeSave method as read on documentation
         // debug ($this->data);
         if ($this->Auth->login()) {
             $id = $this->Auth->user('id');
             return $this->redirect(array('controller'=>'users', 'action'=>$id, $this->Auth->user('username')));
         } else {
             $this->Session->setFlash('Login error message', 'default', array(), 'auth');
         }
    }
}

在视图中我有这个:

// the view login.ctp 
echo $this->Form->text('User.email', array('id'=>'email', 'value'=>'your@email.com'));
echo $this->Form->password('User.password', array('id'=>'password', 'value'=>'password'));

如果我尝试调试数据,我会得到这个:

// in the controller
debug($this->data);
// in the view
Array
(
    [User] => Array
    (
        [email] => the@email.com
        [password] => thepass // not hashed
    )
)

我无法登录,因为我总是Login error message。我该如何解决?

1 个答案:

答案 0 :(得分:0)

VITTO,

(1)显示哪条错误消息?

(2)只是为了记录,请确保在布局中打印sessionFlash!

echo $this->Layout->sessionFlash();

(3)您是如何设置Auth组件的?例如,在我的AppController中,我设置了这种方式:

public $components = array(
    'Session',
    'Cookie',
    'Acl',
    /**
     * Default is authorize option is ActionsAuthorize.
     * In this case, system uses AclComponent to check for permissions on an action level.
     * learn more: http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#authorization
     */
    'Auth'=> array(
        'authorize' => array(
            'Actions' => array('actionPath' => 'controllers')
        ),
        'authenticate' => array(
            'Form' => array(
                'fields' => array('username' => 'email', 'password' => 'password')
            )
        )
    )
);

(4)最后,我相信(必须确定)不需要手动哈希密码来执行登录。至少,在正确配置之后,此代码适用于我:

    if ($this->request->is('post')) {
        if ($this->Auth->login()) {
            // recirect stuffs
相关问题
最新问题