Auth login doesn't work in cakephp

Question

I have written a users controller which should login a user if the submitted username and passwort (encrypted with cakephp's Security::hash() => eg 6b0deec0d563224524da45691584643bc78c96ea , no additional hash settings) matches a row in the database. But it doesn't work and I don't have any idea why.

This is a snippet of my UsersController.php

public function add() {
    $this->set("title_for_layout", "Register");

    if($this->request->is("post")) {
        $this->User->set($this->request->data);

    if($this->User->save(array("password" => Security::hash($this->request->data["User"]["password"])))) {
            $this->Session->setFlash(__("Successfully registred."), "flash_success");
            $this->redirect("/login");
    } else {
        $this->Session->setFlash(__("Validation failed."), "flash_danger");
    }
    }
}

The registration works fine and a row in the database is created where I have the colums "username" which contains the plain username eg "myuser" and "password" which contains a hashed string. I don't think that the problem could be solved here.

This is another snippet of my UsersController.php

public function login() {
    $this->set("title_for_layout", "Login");

    if($this->request->is("post")) {
        if($this->Auth->login()) {
            $this->Session->setFlash("Login successfull.", "flash_success");
        } else {
            $this->Session->setFlash("Login failed.", "flash_danger");
        }
    }
}

And here is the view login.ctp

<?php echo $this->Form->create('User'); ?>
<?= $this->Form->input("username"); ?>
<?= $this->Form->password("password"); ?>
<?= $this->Form->end("submit"); ?>

And here's my problem: The login always fail. Additionally I don't have any settings in the $component array.

How can I solve the problem?

Answer 1

If you're using cakePHP 2.x then you can set password encryption in the model's callback function beforeSave() as

<?php
// app/Model/User.php
App::uses('AuthComponent', 'Controller/Component');
class User extends AppModel {

// ...

public function beforeSave($options = array()) {
    if (isset($this->data[$this->alias]['password'])) {
        $this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);
    }
    return true;
}

?>

For more information follow the link . IF you still want to encrypt password in the controller then you can use the code like.

public function add() {
    $this->set("title_for_layout", "Register");

    if($this->request->is("post")) {
        $this->User->set($this->request->data);

    if($this->User->save(array("password" => $this->Auth->password($this->request->data["User"]["password"])))) {
            $this->Session->setFlash(__("Successfully registred."), "flash_success");
            $this->redirect("/login");
    } else {
        $this->Session->setFlash(__("Validation failed."), "flash_danger");
    }
    }
}

?>

If you're using the cakePHP 2.4 or later then follow the documentation here .