Sunday, January 11, 2015

Re: CakePHP 2.0 authentication(login) without ctp files but other types

> If '123' is the actual data in your password field in the data record, it's very likely this is the problem you're having with logging in.
Maybe this is the problem;)

> That's why i recommended setting up the create-user form from the tutorial. 
> It will set up the creation of the user record, which will encrypt the password you supply and store that version in the table for comparison during login.
I will try the CTP style login soon.
But, could I use existed (user) data if I just wanted to test my login success or failure with session functionality?
Not want to do the creating user process before other implementations.

Thank you,
tech_me


On Tuesday, January 6, 2015 at 9:11:07 AM UTC+9, Joe T. wrote:
>> Is that the actual data in `users`, or just simplified for example? Just want to clarify. Manually adding records won't work in this case. 
>It is the actual data which is storing in my `users` table.

If '123' is the actual data in your password field in the data record, it's very likely this is the problem you're having with logging in.

The line
  if ($this->Auth->login()) { ...
fails because Auth->login() method encrypts the POST password, turning '123' into something like $2y$10$VgMbmaJ5l96WJYJeU... (in other words, an encrypted version of '123'). The encrypted string is compared to the database value more or less as-is. It expects the database value to already be encrypted. If they match, login passes. In your case:

Encrypted POST password $2y$10$VgMbmaJ5l96WJYJeU... !== stored password value 123, so login fails.

That's why i recommended setting up the create-user form from the tutorial. It will set up the creation of the user record, which will encrypt the password you supply and store that version in the table for comparison during login.

When i said you should adapt it to your needs, i meant the way the tutorial demonstrates the Form builder for CTP may not match exactly what you need for TAL. i'm unfamiliar with that, so if ignore that part if it was more confusing. :)

Hope that clears things up a little. :)
-joe


On Sunday, 4 January 2015 01:59:27 UTC-5, tech_me wrote:
Hi Joe, 
Happy New Year!

I'm sorry for delaying reply you.
> Is that the actual data in `users`, or just simplified for example? Just want to clarify. Manually adding records won't work in this case. 
It is the actual data which is storing in my `users` table.

> Auth automatically encrypts the submitted password & compares it to the database value. If you enter '123' as the password, it's not going to match '123' in the database after Auth encrypts it.
I don't know this issue, but entered the password `123` just as it have been stored in my table.
Maybe this is the problem...I'll check it.

> Obviously, adapt the CTP form to your TAL needs.
What this means? Are you talking about the usage in my controller but not html(TAL) files for login?

Regards,
tech_me


On Tuesday, December 23, 2014 11:35:40 PM UTC+9, Joe T. wrote:
Is that the actual data in `users`, or just simplified for example? Just want to clarify. Manually adding records won't work in this case. Auth automatically encrypts the submitted password & compares it to the database value. If you enter '123' as the password, it's not going to match '123' in the database after Auth encrypts it.

Look here for how to set up adding/editing users: http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html
Obviously, adapt the CTP form to your TAL needs.

Hope that helps...
-joe t.


On Monday, 22 December 2014 20:42:33 UTC-5, tech_me wrote:
By the way, I have a table `users` in my db, which have 2 records.
id,   email,  password
1001, abc@com, 123
1002, abc@org, 456

When I input email and password on the login form, it fails at `if ($this->Auth->login())`


On Tuesday, December 23, 2014 10:39:39 AM UTC+9, tech_me wrote:
In my view file(html)
<form method="POST" tal:attributes="action string:/users/login">
   
<input type="text" name="email" size="15" maxlength="30" placeholder="your email" /><br />
   
<input type="password" name="password" size="15" maxlength="15" placeholder="password" /><br />
   
<input type="submit" value="login" />
</form>

In my AppController.php
    public $components = array('RequestHandler',
            'Auth' => array(
                    'authenticate' => array(
                            'Form' => array('userModel' => 'User',
                                    'fields' => array('username' => 'email',
                                            'password' => 'password'))),
                    'loginAction' => array('controller' => 'users', 'action' => 'login'));

    public function beforeFilter() {
        $this->Auth->allow('login', 'logout');
    }

In my UsersController.php
    public function login() {
        if ($this->request->is('post')) {
                   if ($this->Auth->login()) {
                    return $this->redirect($this->Auth->redirect());
            } else {
                        echo ('failed'); // Always come here...
            }
        }
    }

    public function logout() {
        $this->Auth->logout();
        $this->Session->destroy();
        $this->redirect(array('action' => 'login'));
    }

Could you give some hints, please?
Thank you.


On Sunday, December 21, 2014 4:48:14 PM UTC+9, tech_me wrote:
1. Yes
2. Yes
3. No any error but just failed(false) at that `if` statement.
4. Maybe there is no the same name field in my user table, which is 'email' in html while 'nickname' in table schema

I will have a try soon.
Thank you.


On Friday, December 19, 2014 4:55:03 AM UTC+9, John Andersen wrote:
Please provide more information on the steps leading up to the error that you get.
1. Is the login form showing?
2. Can you submit the form?
3. Do you get the error back from your login method - wrong e-mail or password?
4. Something else?

Suggest that you at least create the users table and add one user, so that CakePHP has something to work with.

Enjoy, John

On Wednesday, 17 December 2014 14:14:43 UTC+2, tech_me wrote:
I posted to SO several days ago, but no expected replies.

I am now using PHPTAL which use html instead of ctp files.
Is there anyone who use the html files to cooperate with Cake's authentication?

Thanks.

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP

---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscribe@googlegroups.com.
To post to this group, send email to cake-php@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php.
For more options, visit https://groups.google.com/d/optout.

No comments: