在 CakePHP 中使用 BlowfishPasswordHasher 在 login() 中使用无效的用户名或密码 2.x
Invalid username or password at login() using BlowfishPasswordHasher in CakePHP 2.x
我正在使用 CakePHP 2.7.8 构建管理面板。我的项目包含多个管理员而不是用户。这就是为什么我在数据库中有一个 admins table 而不是 users table.
我正在使用 BlowfishHasher 来散列密码,它工作正常。密码在保存到数据库之前被散列。
但是 login() returns:
Invalid username or password, try again
Table 管理员:
CREATE TABLE `admins` (
`id` char(36) NOT NULL,
`username` varchar(50) DEFAULT NULL,
`password` varchar(255) DEFAULT NULL,
`gender` varchar(45) DEFAULT NULL,
`created` datetime DEFAULT NULL,
`modified` datetime DEFAULT NULL,
PRIMARY KEY (`id`))
管理员模型:Admin.php
<?php
App::uses('AppModel', 'Model');
App::uses('BlowfishPasswordHasher','Controller/Component/Auth');
/**
* Admin Model
*
*/
class Admin extends AppModel {
/**
* Display field
*
* @var string
*/
public $displayField = 'first_name';
public function beforeSave($options = array()) {
if(isset($this->data[$this->alias]['password'])){
$passwordHasher = new BlowfishPasswordHasher();
$this->data[$this->alias]['password'] = $passwordHasher->hash(
$this->data[$this->alias]['password']
);
}
return true;
}
}
管理员控制器:AdminsController.php
<?php
App::uses('AppController', 'Controller');
/**
* Admins Controller
*
* @property Admin $Admin
* @property PaginatorComponent $Paginator
* @property FlashComponent $Flash
* @property SessionComponent $Session
*/
class AdminsController extends AppController {
/**
* Components
*
* @var array
*/
public $components = array('Paginator', 'Flash', 'Session');
/**
* index method
*
* @return void
*/
public function index() {
$this->Admin->recursive = 0;
$this->set('admins', $this->Paginator->paginate());
}
/**
* login function
*/
public function login(){
if($this->request->is('post')) {
if($this->Auth->login()) {
return $this->redirect($this->Auth->redirectUrl());
}
$this->Flash->error(__('Invalid username or password, try again'));
}
}
/**
* logout function
*/
public function logout(){
return $this->redirect($this->Auth->logout());
}
}
应用程序控制器:AppController.php
<?php
App::uses('Controller', 'Controller');
/**
* @package app.Controller
* @link http://book.cakephp.org/2.0/en/controllers.html#the-app-controller
*/
class AppController extends Controller {
public $components = array(
'Flash',
'Auth' => array(
'loginRedirect'=>array(
'controller'=>'admins',
'action'=>'index'
),
'logoutRedirect'=>array(
'controller'=>'admins',
'action'=>'login'
),
'authenticate'=>array(
'Form'=>array(
'passwordHasher'=>'Blowfish'
)
)
)
);
function beforeFilter() {
$this->Auth->authenticate = array(
AuthComponent::ALL => array(
'userModel' => 'Admin'
)
);
$this->Auth->allow('login','add','index');
}
}
登录视图:login.ctp
<div class="users form">
<?php echo $this->Flash->render('auth'); ?>
<?php echo $this->Form->create('admin'); ?>
<fieldset>
<legend>
<?php echo __('Please enter your username and password'); ?>
</legend>
<?php
echo $this->Form->input('username');
echo $this->Form->input('password');
?>
</fieldset>
<?php echo $this->Form->end(__('Login')); ?>
</div>
尝试将 password 字段从 VARCHAR(255) 更改为 BINARY(60)。
记得在这样做之后清除模型缓存。
有关详细信息,请参阅以下问题:
- What column type/length should I use for storing a Bcrypt hashed password in a Database?
编辑
$components 数组中定义的 AuthComponent 配置也在 beforeFilter() 中被覆盖。
尝试替换以下代码:
$this->Auth->authenticate = array(
AuthComponent::ALL => array(
'userModel' => 'Admin'
)
);
与:
$this->Auth->authenticate[AuthComponent::ALL] = array(
'userModel' => 'Admin'
);
编辑 2
在你看来,你必须更换
<?php echo $this->Form->create('admin'); ?>
和
<?php echo $this->Form->create('Admin'); ?>
大小写很重要。
从您发布的问题来看,我认为您登录时可能没有正确散列密码。
尝试在您的登录操作中进行一些调试:
public function login(){
if($this->request->is('post')) {
App::uses('BlowfishPasswordHasher','Controller/Component/Auth');
$passwordHasher = new BlowfishPasswordHasher();
$this->request->data['Admin']['password'] = $passwordHasher->hash(
$this->request->data['Admin']['password']
);
pr($this->request->data);
exit;
// Take a look at this $this->request->data["Admin"]["password"] field and compare it with the password you have in the database. Do they match?
if($this->Auth->login()) {
return $this->redirect($this->Auth->redirectUrl());
}
$this->Flash->error(__('Invalid username or password, try again'));
}
}
和平! xD
我正在使用 CakePHP 2.7.8 构建管理面板。我的项目包含多个管理员而不是用户。这就是为什么我在数据库中有一个 admins table 而不是 users table.
我正在使用 BlowfishHasher 来散列密码,它工作正常。密码在保存到数据库之前被散列。
但是 login() returns:
Invalid username or password, try again
Table 管理员:
CREATE TABLE `admins` (
`id` char(36) NOT NULL,
`username` varchar(50) DEFAULT NULL,
`password` varchar(255) DEFAULT NULL,
`gender` varchar(45) DEFAULT NULL,
`created` datetime DEFAULT NULL,
`modified` datetime DEFAULT NULL,
PRIMARY KEY (`id`))
管理员模型:Admin.php
<?php
App::uses('AppModel', 'Model');
App::uses('BlowfishPasswordHasher','Controller/Component/Auth');
/**
* Admin Model
*
*/
class Admin extends AppModel {
/**
* Display field
*
* @var string
*/
public $displayField = 'first_name';
public function beforeSave($options = array()) {
if(isset($this->data[$this->alias]['password'])){
$passwordHasher = new BlowfishPasswordHasher();
$this->data[$this->alias]['password'] = $passwordHasher->hash(
$this->data[$this->alias]['password']
);
}
return true;
}
}
管理员控制器:AdminsController.php
<?php
App::uses('AppController', 'Controller');
/**
* Admins Controller
*
* @property Admin $Admin
* @property PaginatorComponent $Paginator
* @property FlashComponent $Flash
* @property SessionComponent $Session
*/
class AdminsController extends AppController {
/**
* Components
*
* @var array
*/
public $components = array('Paginator', 'Flash', 'Session');
/**
* index method
*
* @return void
*/
public function index() {
$this->Admin->recursive = 0;
$this->set('admins', $this->Paginator->paginate());
}
/**
* login function
*/
public function login(){
if($this->request->is('post')) {
if($this->Auth->login()) {
return $this->redirect($this->Auth->redirectUrl());
}
$this->Flash->error(__('Invalid username or password, try again'));
}
}
/**
* logout function
*/
public function logout(){
return $this->redirect($this->Auth->logout());
}
}
应用程序控制器:AppController.php
<?php
App::uses('Controller', 'Controller');
/**
* @package app.Controller
* @link http://book.cakephp.org/2.0/en/controllers.html#the-app-controller
*/
class AppController extends Controller {
public $components = array(
'Flash',
'Auth' => array(
'loginRedirect'=>array(
'controller'=>'admins',
'action'=>'index'
),
'logoutRedirect'=>array(
'controller'=>'admins',
'action'=>'login'
),
'authenticate'=>array(
'Form'=>array(
'passwordHasher'=>'Blowfish'
)
)
)
);
function beforeFilter() {
$this->Auth->authenticate = array(
AuthComponent::ALL => array(
'userModel' => 'Admin'
)
);
$this->Auth->allow('login','add','index');
}
}
登录视图:login.ctp
<div class="users form">
<?php echo $this->Flash->render('auth'); ?>
<?php echo $this->Form->create('admin'); ?>
<fieldset>
<legend>
<?php echo __('Please enter your username and password'); ?>
</legend>
<?php
echo $this->Form->input('username');
echo $this->Form->input('password');
?>
</fieldset>
<?php echo $this->Form->end(__('Login')); ?>
</div>
尝试将 password 字段从 VARCHAR(255) 更改为 BINARY(60)。
记得在这样做之后清除模型缓存。
有关详细信息,请参阅以下问题:
- What column type/length should I use for storing a Bcrypt hashed password in a Database?
编辑
$components 数组中定义的 AuthComponent 配置也在 beforeFilter() 中被覆盖。
尝试替换以下代码:
$this->Auth->authenticate = array(
AuthComponent::ALL => array(
'userModel' => 'Admin'
)
);
与:
$this->Auth->authenticate[AuthComponent::ALL] = array(
'userModel' => 'Admin'
);
编辑 2
在你看来,你必须更换
<?php echo $this->Form->create('admin'); ?>
和
<?php echo $this->Form->create('Admin'); ?>
大小写很重要。
从您发布的问题来看,我认为您登录时可能没有正确散列密码。
尝试在您的登录操作中进行一些调试:
public function login(){
if($this->request->is('post')) {
App::uses('BlowfishPasswordHasher','Controller/Component/Auth');
$passwordHasher = new BlowfishPasswordHasher();
$this->request->data['Admin']['password'] = $passwordHasher->hash(
$this->request->data['Admin']['password']
);
pr($this->request->data);
exit;
// Take a look at this $this->request->data["Admin"]["password"] field and compare it with the password you have in the database. Do they match?
if($this->Auth->login()) {
return $this->redirect($this->Auth->redirectUrl());
}
$this->Flash->error(__('Invalid username or password, try again'));
}
}
和平! xD