I had been using 50 characters, but the Blowfish hashes are longer and by comparing the hashes, I was missing about 8 chars. I increased the length to 100 and tried creating new users and logging in and this appears to be working now.
Also check that your user scope is set up in Auth and correct for each user's record - that caught me out just now in testing :)
On Friday, 21 December 2012 21:25:24 UTC, Stafford wrote:
-- On Friday, 21 December 2012 21:25:24 UTC, Stafford wrote:
Hello all,I've been struggling with getting bcrypt/blowfish to work with my login form and hope someone can point me in the right direction.I have a registration and login form. I've got the registration form to hash and store passwords using bcrypt in version 2.3. My hang up now is that I can't find any info or documentation describing how to check a login password against the stored password.Using User->Auth->login() generates an error. "Invalid salt: for blowfish".Ive used Security::setHash('blowfish') in my appController and understand the use of Security::hash(pass_string, 'blowfish', salted_string), but have no idea how to make this work with auth->login().Is there a setting/config file I need to update to tell Auth to use blowfish somehow?I appreciate help.Thank you.
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
For more options, visit https://groups.google.com/groups/opt_out.
No comments:
Post a Comment