CakePHP 2.5.7 - 使用非标准用户登录时的身份验证失败 [英] CakePHP 2.5.7 - Authentication failure on login with non-standard user

问题描述

我尝试在调用 Auth时使用我的帐户模型，而不是标准用户。 Auth是基于登录电子邮件和令牌。

I am trying to use my Account model instead of the standard user when calling Auth. Auth is basing the login off of an email and token.

添加帐户时，他们正在通过 BlowfishPasswordHasher。

When Accounts are being added, they are going through the BlowfishPasswordHasher.

我只是不能确定什么时候登录失败时进行身份验证。

I just can't determine at what point it is failing to authenticate when logging in.

据我所见，我引用了而不是用户使用帐户，并使用电子邮件/

As far as I can see I've referenced Auth to use Account instead of User, and use email/token instead of username/password wherever relevant.

有没有什么可以突出或其他调试行我可以尝试？

Is there anything obvious that sticks out or additional debugging lines that I could try?

帐户模型

App::uses('AppModel', 'Model');
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');

class Account extends AppModel {
...
    public function beforeSave($options = array()) {
        if (isset($this->data['Account']['token'])) {
            $passwordHasher = new BlowfishPasswordHasher();
            $this->data['Account']['token'] = $passwordHasher->hash(
                $this->data['Account']['token']
            );
        }
        return true;
    }

}

strong>

Accounts Controller

App::uses('AppController', 'Controller');

class AccountsController extends AppController {

    public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('add');
    }

    public function login() {
        $this->layout = 'nosidemenu';
        #debug($_SESSION);

        if ($this->request->is('post')) {
            if ($this->Auth->login()) {
                return $this->redirect($this->Auth->redirectUrl());
            }
            $this->Flash->error(__('Invalid username or password, try again debug($this->Auth->login())'));
        }
    }

}

Login.ctp

    <?php echo $this->Flash->render('auth'); ?>
    <?php echo $this->Form->create('Account', array('action' => 'login')); ?>

    <?php echo $this->Form->input('email', array('class' => 'form-control', 'type' => 'text', 'placeholder' => 'Email')); ?>    
    <?php echo $this->Form->input('token', array('class' => 'form-control', 'type' => 'password', 'placeholder' => 'Password')); ?> 

    <?php echo $this->Form->submit('Submit', array('class' => 'btn btn-primary btn-block btn-flat')); 
      echo $this->Form->end(); ?>

AppController

App::uses('Controller', 'Controller');
class AppController extends Controller {    
    public $components = array(
        'Session',
        'Flash',
        'Auth' => array('authenticate' => array('Form' => array(
                        'userModel' => 'Account',
                        'passwordHasher' => 'Blowfish',
                         'fields' => array(
                                           'username' => 'email',
                                           'password' => 'token'
                                           )
                       )
            ),
            'loginRedirect' => array(
                'controller' => 'accounts',
                'action' => 'index'
            ),
            'loginAction' => array(
                'controller' => 'accounts',
                'action' => 'login'
            ),
            'logoutRedirect' => array(
                'controller' => 'pages',
                'action' => 'index',
                'home'
            ),
            'authError' => 'You don\'t have access here.',
            ),
    );

    public function beforeFilter() {
        $this->Auth->allow('index', 'view');
        $this->Auth->authError = sprintf(__('You are not authorized to access that location %s/%s .',true),$this->name,$this->action);

    }

}

在我的登录函数中具有以下调试行：

Additionally, I have the following debug lines in my login function:

EDIT：

我一直在玩一些调试行，我添加了 debug（$ this-> data）; 在我的AppController beforeFilter（）和AccountController login（）。
该调试行的两个实例都报告相同的数组：

So I've been playing with some debug lines, I've added debug($this->data); in both my AppController beforeFilter() and AccountController login(). Both instances of that debug line report the same array of:

array(
    'Account' => array(
         'email' => 'user@test.com',
         'token' => 'password'
     )
)

login（）中的调试消息不应报告散列令牌吗？即使帐户使用哈希密码添加到数据库中，在通过登录被调用时，他们也不会被哈希处理？

Shouldn't the debug message in login() report a hashed token? Even though Accounts are added to the database with a hashed password, could they not be getting hashed when being called through login?

推荐答案

您必须为您的模型设置数据

You have to set data to your model

public function login() {
        $this->layout = 'nosidemenu';
        #debug($_SESSION);

        if ($this->request->is('post')) {
            /* Passed the request data in $this->Auth->login() */
            if ($this->Auth->login($this->request->data)) {
                return $this->redirect($this->Auth->redirectUrl());
            }
            $this->Flash->error(__('Invalid username or password, try again debug($this->Auth->login())'));
        }
    }

这里是从此处

在2.x中 $ this-> Auth-> login（$ this-> request-> data）将记录用户与任何数据发布，而在1.3 $ this-> Auth-> login（$ this-> data）将尝试标识用户优先，只有在成功时才登录。

In 2.x $this->Auth->login($this->request->data) will log the user in with whatever data is posted, whereas in 1.3 $this->Auth->login($this->data) would try to identify the user first and only log in when successful.

这篇关于CakePHP 2.5.7 - 使用非标准用户登录时的身份验证失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！