CakePHP -无法使用Blowfish算法进行身份验证
在获取cakephp以使用河豚存储的密码进行身份验证时遇到了一些问题。
在AppController中。设置全局组合。用户模型是CompaniesUser,它对应于磁盘上的一个名为CompaniesUser.php的文件。密码Hasher是小龙虾
App::uses('AuthComponent', 'Controller/Component');
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');
class AppController extends Controller {
public $helpers = array('CustomHtml');
public $components = array(
'DebugKit.Toolbar',
'Session',
'Auth' => array(
'loginRedirect' => array(
'controller' => 'dashboard',
'action' => 'something'
),
'logoutRedirect' => array(
'controller' => 'users',
'action' => 'login'
),
'authenticate' => array(
'Form' => array(
'userModel' => 'CompaniesUser',
'passwordHasher' => 'Blowfish'
)
)
)
);登录CTP:
<?php
echo $this->Form->create('User', array('action' => 'login'));
echo $this->Form->input('username');
echo $this->Form->input('password');
echo $this->Form->end('Login');
?>保存项目之前的CompaniesUser模型:
public function beforeSave($options = array())
{
if (isset($this->data[$this->alias]['password'])) {
$passwordHasher = new BlowfishPasswordHasher();
$this->data[$this->alias]['password'] = $passwordHasher->hash(
$this->data[$this->alias]['password']
);
}
return true;
}实际上,数据库似乎已经设置了已吹倒的密码。
登录方法所在的UsersController.php。
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');
class UsersController extends AppController {
public $uses = array(
'Company','CompaniesUser'
);
public function login()
{
//uses a different theme
$this->layout = 'admin\login';
if ($this->request->is('post')) {
if ( $this->Auth->login() )
return $this->redirect( $this->Auth->redirectUrl() );
$this->Session->setFlash( __( Configure::read('UsersController.InvalidPassword') ), 'custom\flash' );
}
}
public function beforeFilter()
{
parent::beforeFilter();
$this->Auth->authenticate = array(
'Basic' => array('userModel' => 'CompaniesUser'),
'Form' => array('userModel' => 'CompaniesUser')
);
// Allow users to register and logout.
$this->Auth->allow('register', 'logout', 'verify', 'verifyResend', 'verifyAuth');
}蛋糕仍然拒绝登录,而且考虑到$this->Auth-> login ()是一个黑匣子,我无法看到SQL输出当前的样子。我已经尝试了一些关于使用DebugKit的指导,当前的报告是: Sql日志
警告没有活动数据库连接。<--现在返回更改了表单名称的SQL。
有人想办法试试吗?
更新:从登录表单返回的SQL如下所示。
SELECT `CompaniesUser`.`id`, `CompaniesUser`.`company_id`, `CompaniesUser`.`name`, `CompaniesUser`.`username`
, `CompaniesUser`.`password`, `CompaniesUser`.`active`, `CompaniesUser`.`user_activation_hash`, `CompaniesUser`.`user_password_reset_hash`, `CompaniesUser`.`user_password_reset_timestamp`, `CompaniesUser`.`holidays_allocated`, `CompaniesUser`.`admin`, `CompaniesUser`.`manager`, `CompaniesUser`.`first_run_finished`, `CompaniesUser`.`payment_active`, `Company`.`id`, `Company`.`name`, `Company`.`account_type`, `Company`.`active`, `Company`.`stripe_customer_id`, `Company`.`payment_active`
FROM `deckchair`.`companies_users` AS `CompaniesUser`
LEFT JOIN `deckchair`.`companies` AS `Company`
ON (`CompaniesUser`.`company_id` = `Company`.`id`)
WHERE `CompaniesUser`.`username` = 'user@test.com' LIMIT 1回答 1
Stack Overflow用户
发布于 2014-12-23 18:14:03
我在核心课程中做了一些拖网,想弄清楚到底发生了什么事,但我还是不由自主地找到了答案。基本身份验证行74有$settings,当var_dumped没有显示Blowfish设置的任何迹象时,它就会出现。
如下所示。不知道这是否是事实上的标准蛋糕方式,或者确切地说,为什么在组件数组中指定河豚algo没有什么区别,但也许这会帮助到其他人。
public function beforeFilter()
{
parent::beforeFilter();
$this->Auth->authenticate = array(
'Form' => array('userModel' => 'CompaniesUser','passwordHasher' => 'Blowfish')
);
// Allow users to register and logout.
$this->Auth->allow('register', 'logout', 'verify', 'verifyResend', 'verifyAuth', 'login');
}https://stackoverflow.com/questions/27621331
复制相似问题
腾讯云开发者
Copyright © 2013 - 2026 Tencent Cloud. All Rights Reserved. 腾讯云 版权所有
深圳市腾讯计算机系统有限公司 ICP备案/许可证号:粤B2-20090059 
粤公网安备44030502008569号
腾讯云计算(北京)有限责任公司 京ICP证150476号 | 京ICP备11018762号