【发布时间】:2017-06-23 16:57:55
【问题描述】:
我制作了一个简单的日志系统,但它没有登录(CakePHP 3.3)。密码以散列方式保存,例如:
$2y$10$tKUu6KUzrHwqTR5FD0YpaegFHkaoFOWViAtvijJpSQxxJ.E1WFPMu
登录操作无法识别用户。我的控制器和操作:
UsersController.php:
public function login()
{
if ($this->request->is('post')) {
debug($this->request->data);
debug($this->Auth->identify());
$user = $this->Auth->identify();
if ($user) {
$this->Auth->setUser($user);
return $this->redirect($this->Auth->redirectUrl());
} else {
$this->Flash->error(__('Username or password is incorrect'), [
'key' => 'auth'
]);
}
}
}
AppController.php:
public function initialize()
{
parent::initialize();
$this->loadComponent('RequestHandler');
$this->loadComponent('Flash');
//$this->loadComponent('Security');
//$this->loadComponent('Csrf');
$this->loadComponent('Auth', [
'authenticate', [
'Form' => [
'fields' => ['username'=>'email', 'password'=>'password'],
'userModel' => 'Users',
'passwordHasher' => 'Default'
]
],
'loginAction' => [
'controller' => 'Users',
'action' => 'login'
],
'loginRedirect' => ['controller'=>'Users', 'action'=>'dashboard'],
'logoutRedirect' => ['controller'=>'Users', 'action'=>'login'],
'authError' => __('You do not have permission to access.'),
'storage' => 'Session'
]);
}
User.php 实体:
class User extends Entity
{
protected $_accessible = [
'*' => true,
'id' => false
];
protected $_hidden = [
'password'
];
protected function _setPassword($password) {
return (new DefaultPasswordHasher)->hash($password);
}
}
login.ctp:
<h1>login</h1>
<?php
echo $this->Flash->render();
echo $this->Flash->render('auth');
echo $this->Form->create();
echo $this->Form->input('email');
echo $this->Form->input('password');
echo $this->Form->button('entrar');
echo $this->Form->end();
第一个 debug() 返回纯文本密码和电子邮件。第二个 debug() 永远返回 false。
我错过了什么?
【问题讨论】:
标签: cakephp hash login cakephp-3.0