由于某种原因,我无法登录我注册的帐户 . 更多信息如下 .
Functions from UsersController.php
public function login() {
if ($this->request->is('post')) {
$auth = $this->Auth->identify(); // Returns false
debug($this->request->getData()); // Return email & with unhashed password
debug($auth);
if ($auth) {
$this->Auth->setUser($auth);
$this->redirect($this->Auth->redirectUrl());
} else {
$this->Flash->error('E-mail or password is wrong.');
}
}
}
public function register() {
$user = $this->Users->newEntity();
$this->set('user', $user);
$this->loadModel('Groups');
$group = $this->Groups->newEntity();
$this->set('group', $user);
if ($this->request->is('post')) {
// Check if passwords matches
$pass = $this->request->getData('password');
$con_pass = $this->request->getData('password_confirm');
if ($pass !== $con_pass) {
return $this->Flash->error('Passwords don\'t match');
}
// Patch entities
$group = $this->Groups->patchEntity($group, $this->request->getData());
$user = $this->Users->patchEntity($user, $this->request->getData());
// Make group and user
if (empty($group->errors()) && empty($user->errors())) {
// Group
if (!$this->Groups->save($group)) {
return $this->Flash->error('Something went wrong');
}
// User
$user->group_id = $group->id;
if ($this->Users->save($user)) {
$this->Flash->success('Welkom ' . $user->name . '!');
// return $this->redirect(['action' => 'register']);
} else {
return $this->Flash->error('something went wrong2');
}
}
}
}
Auth component in AppController:
$this->loadComponent('Auth', [
'userModel' => 'Users',
'loginAction' => [
'controller' => 'Users',
'action' => 'login'
],
'authenticate' => [
'Form' => [
'fields' => [
'username' => 'email',
'password' => 'password'
]
]
],
//'authError' => false,
'storage' => 'Session'
]);
Login form:
<?= $this->Form->create('User'); ?>
<?= $this->Form->email('email', ['placeholder' => 'E-mail', 'maxlength' => '42', 'label' => false]) ?>
<?= $this->Form->password('password', ['type' => 'password', 'placeholder' => 'Wachtwoord', 'maxlength' => '32', 'label' => false]) ?>
<?= $this->Form->submit('Login', ['class' => 'button']) ?>
<?= $this->Form->end(); ?>
User entity:
class User extends Entity {
protected $_accessible = [
'group_id' => true,
'name' => true,
'email' => true,
'password' => true,
'profile_img_url' => true,
'pass_reset_time' => true,
'creation_date' => true,
'modified_date' => true
];
protected function _setPassword($password) {
return (new DefaultPasswordHasher)->hash($password);
}
protected $_hidden = [
'password'
];
}
用散列密码将用户正确保存在数据库中 .
当我尝试登录时 $this->Auth->identify(); 总是返回false .
我试过/事情要知道:
-
我正在尝试使用电子邮件和密码登录 .
-
db中的表名是
users -
续订盐(并创建一个新帐户并使用该帐户登录)
-
密码列长度为255 .
-
已查看Auth docs
-
在Stack和其他网站上检查了很多与此相关的问题,但还没有解决我的问题 .
-
用户正确存储 . 但是一旦我尝试登录,它就不会让我 .
-
我尝试登录时没有密码hasher功能,并且没有密码,也没有用 .
-
在不同的浏览器中检查并删除了缓存 .
谢谢!
2 回答
似乎没有任何明显的错误,除了在
_setPassword()方法中缺少空洞检查以防止空$password被散列 . 您应该执行与文档中显示的内容类似的操作:见 Cookbook > Controllers > Components > Authentication > Hashing Passwords
由于IIRC的向后兼容性原因,
FormHelper::create()方法也没有出现错误 . 如果你根本没有传递任何 Value .话虽这么说,你必须自己做更多的调试 . 首先使用
DefaultPasswordHasher::validate()方法手动验证存储在数据库中的散列密码,以确保已散列正确的值 .然后在身份验证代码流中设置一些断点以查明可能出错的地方,请检查:
FormAuthenticate::authenticate()FormAuthenticate::_checkFields()BaseAuthenticate::_findUser()BaseAuthenticate::_query()是否正在读取正确的请求数据,是否按预期构建查询条件,是否以及为密码验证返回的值等等...
好吧,我整个上午和下午都浪费了 .
我以为我的密码列长度是255,但实际上是32.我检查了错误列的长度,显然是4次 .
感谢@ndm的帮助 .