- named form field 'password1' (or whatever)
- validated that field in User model
- hashed it with AuthComponent::password() in User::beforeSave()
- placed it in $this->data['User']['password'] (and unset $this->data
['User']['password1'])
On Jan 30, 2:11 am, Delirium tremens <pedbe...@gmail.com> wrote:
> This part of the problem has been solved.
>
> On 29 jan, 15:06, Delirium tremens <pedbe...@gmail.com> wrote:
>
>
>
> > What else should I try?
>
> > On 29 jan, 15:01, Delirium tremens <pedbe...@gmail.com> wrote:
>
> > > The code from the site:
>
> > > function hashPasswords($data, $enforce=false) {
> > > if($enforce && isset($this->data[$this->alias]['password'])) {
> > > if(!empty($this->data[$this->alias]['password'])) {
> > > $this->data[$this->alias]['password'] = Security::hash
> > > ($this->data[$this->alias]['password'], null, true);
> > > }
> > > }
> > > return $data;
> > > }
> > > function beforeSave() {
> > > $this->hashPasswords(null, true);
> > > return true;
> > > }
>
> > > I tried:
> > > - the code without changes
> > > - the code with alias changed to userModel
> > > - the code with null changed to $data
> > > - the code with null changed to $this->data
>
> > > The codes I tried are not encrypting the password after validating it.
>
> > > On 29 jan, 12:18, "j0n4s.h4rtm...@googlemail.com"
>
> > > <j0n4s.h4rtm...@googlemail.com> wrote:
> > > > I did not try this yet, but this should help you, right?:
>
> > > >http://teknoid.wordpress.com/2008/10/08/demystifying-auth-features-in...
>
> > > > p.s. I believe the whole thing is because AuthComponent is
> > > > AuthComponent and not AuthBehavior. If it came with such a thing it
> > > > would be more clear (because hashing would take place in the model
> > > > then)
>
> > > > On Jan 28, 8:04 pm, Delirium tremens <pedbe...@gmail.com> wrote:
>
> > > > > there is no afterValidate
> > > > > there is no beforeLogin
>
> > > > > What now???
>
> > > > > On 28 jan, 16:47, Delirium tremens <pedbe...@gmail.com> wrote:
>
> > > > > > I added:
>
> > > > > > function beforeSave() {
> > > > > > $this->data['Account']['password'] = md5($this->data['Account']
> > > > > > ['password']);
> > > > > > return true;
>
> > > > > > }
>
> > > > > > to Account model, but now login does not work. Why?
>
> > > > > > On 28 jan, 16:04, Delirium tremens <pedbe...@gmail.com> wrote:
>
> > > > > > > Hold on... I need it encrypted after validated... What now???
>
> > > > > > > On 28 jan, 15:53, Delirium tremens <pedbe...@gmail.com> wrote:
>
> > > > > > > > I understood! I added it to BeforeFilter. It works!
>
> > > > > > > > On 28 jan, 15:37, Delirium tremens <pedbe...@gmail.com> wrote:
>
> > > > > > > > > I added:
>
> > > > > > > > > $this->Auth->authenticate = $this->Account;
>
> > > > > > > > > to login.
>
> > > > > > > > > I added:
>
> > > > > > > > > function hashPasswords( $data ) {
> > > > > > > > > return $data;
> > > > > > > > > }
>
> > > > > > > > > to Account model.
>
> > > > > > > > > After updating my account, $cakeDebug (my debug config is 2, so flash
> > > > > > > > > is eternal) flashed my password hashed. Am I doing anything wrong?
>
> > > > > > > > > On 27 jan, 21:34, Gonzalo Servat <gser...@gmail.com> wrote:
>
> > > > > > > > > > On Tue, Jan 27, 2009 at 8:26 PM, Delirium tremens <pedbe...@gmail.com>wrote:
>
> > > > > > > > > > > CakePHP 1.2 is encrypting passwords before validating them.
>
> > > > > > > > > > > CakePHP 1.2 is trying to make us behave in a different way.
>
> > > > > > > > > > > Are you behaving the CakePHP 1.2 way?
>
> > > > > > > > > > > What are you doing now that you are not allowed to validate passwords?
>
> > > > > > > > > > I take it you're talking about the AuthComponent? If so, yes it hashes
> > > > > > > > > > passwords automagically so you basically just store the hashed password in
> > > > > > > > > > your DB. If you don't want that, you can do something like this:
>
> > > > > > > > > > $this->Auth->authenticate = $this->User; // or whatever ...
>
> > > > > > > > > > Inside the User model, you could have:
>
> > > > > > > > > > function hashPasswords( $data ) {
> > > > > > > > > > return $data;
>
> > > > > > > > > > }
>
> > > > > > > > > > Instead of hashing the password, it just returns it unmodified (clear text).
>
> > > > > > > > > > - Gonzalo
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
No comments:
Post a Comment