CakePHP-Auth哈希密码不同于Security :: hash()
[英]CakePHP - Auth hashed password different to Security::hash()
问题描述
On my password reset page, I save the user's new password using Security::hash(). 
在密码重置页面上,我使用Security :: hash()保存用户的新密码。 When I then try to log in though, my database saved hashed password does not match the version that Auth comes up with when hashing my input in the login field. 但是,当我尝试登录时,我的数据库保存的哈希密码与对登录字段中的输入进行哈希处理时Auth所提供的版本不匹配。
I assume this is something like Security::hash() using my application salt to hash the password, whereas Auth doesn't use that salt? 我以为这就像是Security :: hash()一样,使用我的应用程序salt来对密码进行哈希处理,而Auth不使用该salt吗?
How do you go about this? 您如何处理?
2 个解决方案
解决方案1
5 已采纳 2011-07-26 15:23:15
Have you tried the AuthComponent::password() method instead? 您是否尝试过AuthComponent::password()方法?
Also, if the field is named password , check that AuthComponent hasn't already hashed it. 另外,如果该字段名为password ,请检查AuthComponent尚未对其进行哈希处理。
Edit: In 3.x, see DefaultPasswordHasher::hash() instead, as explained in Hashing Passwords . 编辑:在3.x中,请参阅DefaultPasswordHasher::hash() ,如哈希密码中所述 。
解决方案2
1 2011-07-26 18:06:25
should be Security::hash($password, 'sha1', true) 应该是Security::hash($password, 'sha1', true)
you can leave the second parameter NULL because Auth use the same hash as specified in Security. 您可以保留第二个参数为NULL,因为Auth使用与“安全性”中指定的哈希相同的哈希值。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.