个人中心
gpt4 book ai didi

Cake php login says invalid username and password even when they are correct(蛋糕php登录显示用户名和密码无效,即使它们是正确的)

转载 作者:bug小助手 更新时间:2023-10-25 16:22:50 27 4
gpt4 key购买 nike



I am trying to implement the login system from the Cake php blog tutorial into my own system but cannot seem to get it working. All attempts made to login are met with the error I set in UserController->login().

我试图实现登录系统从蛋糕php博客教程到我自己的系统,但似乎无法让它工作。所有登录尝试都会遇到我在UserController->LOGIN()中设置的错误。



Heres some of my code, I can post more if needed.

以下是我的一些代码,如果需要,我可以发布更多。



UsersController.php

UsersController.php



namespace App\Controller;

use App\Controller\AppController;
use Cake\Event\Event;

class UsersController extends AppController
{

    public function beforeFilter(Event $event)
    {
        parent::beforeFilter($event);
        $this->Auth->allow(['add','logout']);
    }

    public function login() 
    {
        if($this->request->is('post')){
            $user = $this->Auth->identify();
            if($user){
                $this->Auth->setUser($user);
                return $this->redirect($this->Auth->redirectUrl());
            }
        }
        $this->Flash->error(__('Invalid username or password, try again.'));
    }
}


AppController.php

AppController.php



class AppController extends Controller
{
    public function initialize()
    {
        parent::initialize();

        $this->loadComponent('RequestHandler');
        $this->loadComponent('Flash');
        $this->loadComponent('Auth', [
            'authenticate' => [
                'Form' => [
                    'fields' => [
                        'username' => 'username',
                        'password' => 'password'
                    ]
                ]
            ],
            'loginRedirect' => [
                'controller' => 'Projects',
                'action' => 'index'
            ],
            'logoutRedirect' => [
                'controller' => 'Pages',
                'action' => 'display',
                'home'
            ]
        ]);
    }

    public function beforeFilter(Event $event)
    {
        $this->Auth->allow(['index', 'view', 'edit', 'display']);
    }
}


login.ctp

Login.ctp



<div class="users form">
<?= $this->Flash->render('auth') ?>
<?= $this->Form->create() ?>
    <fieldset>
        <legend><?= __('Please enter your username and password') ?></legend>
        <?= $this->Form->input('username') ?>
        <?= $this->Form->input('password') ?>
    </fieldset>
<?= $this->Form->button(__('Login')); ?>
<?= $this->Form->end() ?>
</div>


User.php

User.php



class User extends Entity
{

    protected $_accessible = [
        '*' => true,
        'id' => false,
    ];

    protected function _setPassword($password)
    {
        return (new DefaultPasswordHasher)->hash($password);
    }

}


UsersTable.php

UsersTable.php



class UsersTable extends Table
{

    public function initialize(array $config)
    {
        parent::initialize($config);

        $this->table('users');
        $this->displayField('username');
        $this->primaryKey('id');

        $this->addBehavior('Timestamp');

        $this->hasMany('Projects', [
            'foreignKey' => 'user_id'
        ]);
        $this->hasMany('TicketsComments', [
            'foreignKey' => 'user_id'
        ]);
        $this->belongsToMany('Projects', [
            'foreignKey' => 'user_id',
            'targetForeignKey' => 'project_id',
            'joinTable' => 'projects_users'
        ]);
        $this->belongsToMany('Tickets', [
            'foreignKey' => 'user_id',
            'targetForeignKey' => 'ticket_id',
            'joinTable' => 'tickets_users'
        ]);
    }

    public function validationDefault(Validator $validator)
    {
        $validator
            ->integer('id')
            ->allowEmpty('id', 'create');

        $validator
            ->requirePresence('username', 'create')
            ->notEmpty('username', 'A username is reuired.')
            ->add('username', 'unique', ['rule' => 'validateUnique', 'provider' => 'table']);

        $validator
            ->email('email')
            ->requirePresence('email', 'create')
            ->notEmpty('email')
            ->add('email', 'unique', ['rule' => 'validateUnique', 'provider' => 'table']);

        $validator
            ->requirePresence('password', 'create')
            ->notEmpty('password', 'A password is required.');

        $validator
            ->notEmpty('role', 'A role is required.')
            ->add('role', 'inList', [
                'rule' => ['inList',['Admin', 'User']],
                'message' => 'Please enter a valid role.'
            ]);

        return $validator;
    }

    public function buildRules(RulesChecker $rules)
    {
        $rules->add($rules->isUnique(['username']));
        $rules->add($rules->isUnique(['email']));
        return $rules;
    }
}


I am pretty baffled as to what I have done wrong. I can confirm in the database that the passwords are actually hashing. I also read somewhere that passwords should be VARCHAR(50) in the database and this is the case with mine so it shouldn't be that.

我对自己做错了什么感到很困惑。我可以在数据库中确认密码实际上是散列的。我还在某个地方读到数据库中的密码应该是VARCHAR(50),我的密码就是这样,所以不应该是这样的。



Thanks in advance

提前谢谢你


更多回答

You've read wrong, the default password hasher uses bcrypt (for now), which requires 60 chars, and may expand in the future in case the default algorithm changes. Stick with the maximum of 255 and you're on the safe side.

您读错了,默认密码hasher使用bcrypt(目前),它需要60个字符,如果默认算法发生变化,将来可能会扩展。坚持255的最大值,这样你就安全了。

Is there a good way to change that without dropping users @ndm ?

有没有一个好的方法来改变这一点,而不放弃用户@ndm?

The only thing that you need to "drop" are the passwords, they are broken. Just change the column length, then via CakePHP read all users, iterate over them, and save them with new passwords.

你唯一需要“丢弃”的就是密码,它们是破解的。只需更改列长度,然后通过CakePHP读取所有用户,迭代他们,并用新密码保存他们。

优秀答案推荐

So my passwords was too small, according to a helpful answer from ndm default password hasher needs varchar(60), the stuff I had read about varchar(50) could have been for blowfish which I don't use.

所以我的密码太小了,根据NDM默认密码hasher Need varchar(60)的一个有用的答案,我读到的关于varchar(50)的东西可能是我不使用的河豚的。



The syntax for easily changing the varcahr limit is: ALTER TABLE users CHANGE password password VARCHAR(255);

轻松更改varcahr限制的语法为:ALTER TABLE USERS CHANGE PASSWORD PASSWORD VARCHAR(255);



edit: I cannot mark my own answer as solved but the problem is solved.

编辑:我无法将我自己的答案标记为已解决,但问题已解决。



This will probably not work right away, but is the form being POSTed?
You need to start debugging, change your function to this, to check:

这可能不会马上起作用,但是表格已经发布了吗?您需要开始调试,将您的函数更改为以下内容,以检查:



public function login() 
    {
        if($this->request->is('post')){
        echo "YES, we have posted information!<br />"; var_dump($this->request);
            $user = $this->Auth->identify();
        echo "<br /><br />Let's have a look at $user = $this->Auth->identify();"; var_dump($this->request); 
            if($user){
                $this->Auth->setUser($user);
                return $this->redirect($this->Auth->redirectUrl());
            }
        }
        $this->Flash->error(__('Invalid username or password, try again.'));
    }

更多回答

You can accept your own answer after 48 hours. stackoverflow.com/help/self-answer

您可以在48小时后接受您自己的答案。Stackoverflow.com/Help/Self-Answer

Thanks, I'll need to note those debugs down for if I get problems in the future! Ndm however allready correctly pointed out my problem and I answered my question with the solution.

谢谢,我需要记下这些调试,以备将来遇到问题!然而,NDM已经正确地指出了我的问题,我用解决方案回答了我的问题。

27 4 0
文章推荐: batch file regex ids from html file(批处理文件来自html文件的regex ID)
文章推荐: Is a block formatting context created by an element with a border?(块格式上下文是由带边框的元素创建的吗?)
文章推荐: Should I import 'fs' or 'node:fs' in Bun?(我应该在Bun中导入‘fs’还是‘node:FS’?)
文章推荐: How to get the postId in NextJS 13(如何获取NextJS 13中的postID)
bug小助手
个人简介

我是一名优秀的程序员,十分优秀!

作者热门文章
滴滴打车优惠券免费领取
滴滴打车优惠券
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com