cakephp从1.3升级到2验证失败 [英] cakephp upgrade from 1.3 to 2 authentication failure

问题描述

我实际上想出了这一点，但是我找不到任何东西，直到与另一个开发人员的头脑风暴 - 跟踪通过核心代码，以找出发生了什么。

I've actually figured this out but I couldn't find anything about this until brainstorming with another developer - tracing through the core code to figure out what was going on.

问题很简单 - 从CakePHP v1.3升级到v2.5.9后，登录（身份验证）不起作用。但是没有错误消息告诉你为什么它不工作。

正如 2.0迁移指南：

AuthComponent完全重新考虑了2.0，这是为了帮助减少开发人员的混乱和沮丧。此外，AuthComponent做得更灵活和可扩展。您可以在身份验证指南中找到更多信息。 / p>

The AuthComponent was entirely re-factored for 2.0, this was done to help reduce developer confusion and frustration. In addition, AuthComponent was made more flexible and extensible. You can find out more in the Authentication guide.

上面的认证指南解释了很好，很好的如何让它为一个新的安装工作，但什么都不需要做什么

The Authentication guide mentioned explains all well and good how you should get it to work for a new installation but nothing about what you need to do to migrate.

更进一步的问题是没有错误告诉你发生了什么。

The further problem is that there is no error to tell you what is going on.

我复制了 UsersController.php - >登录记录他们rel =nofollow>识别用户：

I copied the code for the UsersController.php -> login method from the Authentication guide section on Identifying users:

public function login() {
    if ($this->request->is('post')) {
        // Important: Use login() without arguments! See warning below.
        if ($this->Auth->login()) {
            return $this->redirect($this->Auth->redirectUrl());
            // Prior to 2.3 use
            // `return $this->redirect($this->Auth->redirect());`
        }
        $this->Session->setFlash(
            __('Username or password is incorrect'),
            'default',
            array(),
            'auth'
        );
    }
}

在我的 AppController.php 我有以下：

public $components = array(
    'Session', 'P28n', 'Store', 'SiteStore', 'UserAccessLevel', 'Auth'
);

然后在 AppController.php - > beforeFilter ：

$this->Auth->authorize = array('Controller');
$this->Auth->loginError = __('Login failed, invalid username or password. Please try again.');
$this->Auth->authError = __('Please log-in.');
$this->Auth->allow('login', 'logout');

唯一确定我知道的是 $ this-> Auth-> login（）返回false。

The only thing for sure that I knew is that $this->Auth->login() is returning false. But the problem could be anything.

推荐答案

问题是对密码进行哈希。答案。

我只要在简单密码哈希组件中添加在验证指南中建议：

I'd got as far as adding in the Simple password hashing component suggested in the Authentication guide:

public $components = array(
    'Auth' => array(
        'authenticate' => array(
            'Form' => array(
                'passwordHasher' => array(
                    'className' => 'Simple',
                    'hashType' => 'sha256'
                )
            )
        )
    )
);

但是这仍然失败了，但是我不能确认密码哈希是绝对的原因。它跟踪代码到 BaseAuthenticate :: _ findUser ，这绝对是失败的密码来确认它。

But this still failed, but I couldn't confirm that password hashing was definitely the cause. It took tracing the code through to BaseAuthenticate::_findUser that was definitely failing on the passwords to confirm it.

在这一点上，我然后做了一个刺，可以使来自CakePHP的密码哈希匹配Simple passwordHasher。

At this point I then made a stab that the hashing of the passwords from CakePHP could be made to match the Simple passwordHasher.

CakePHP 1.3中的密码使用sha1，并切换'hashType'=> 'sha1'解决了问题：

The passwords in CakePHP 1.3 are saved using sha1, and switching 'hashType' => 'sha1' fixed the problem:

public $components = array(
    'Auth' => array(
        'authenticate' => array(
            'Form' => array(
                'passwordHasher' => array(
                    'className' => 'Simple',
                    'hashType' => 'sha1'
                )
            )
        )
    )
);

这篇关于cakephp从1.3升级到2验证失败的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！