Friday, April 22, 2022

[FIXED] How to use Auth in cakephp using mongodb

      , , ,      No comments   

Issue

I have a mongo db structure for users with "username" and "password". I am trying to use the Auth in cakephp login but it seems like its not working for me. I tried removing the $this->data but still it did not work.

My password is hashed using Security::hash($this->data['User']['password'])

if(!empty($this->data))
{
   if($this->Auth->login($this->data))
   {
       echo "yes";
   }
   else{
       echo "no";
   }
}

In my app controller I have this:

public $components = array('DebugKit.Toolbar', 'Session', 'Auth' => array(
    'loginAction' => array(
        'controller' => 'pages',
        'action' => 'home'
    ),
    'authenticate' => array(
        'Form' => array(
            'fields' => array('username' => 'username', 'password' => 'password')
        )
    )
));

Here is the result when I debug the login method:

array(
    'User' => array(
        'password' => '*****',
        'username' => 'test@test.com',
        'remember' => '0',
        'auto_login' => '0'
)
)

I don't know why I cannot use Auth with mongodb. Thanks for the help in advance.

EDIT:

When i tried and take away the layout, it shows me a query at the bottom of the page saying:

db.users.find( {"username":"test@test.com","password":"2fdf49ffc396453960802df8fc2417655d1e8fca"}, [] ).sort( [] ).limit( 1 ).skip( 0 )

The hashed value of the password that I inputted from the form is different from the hash value that is being queried. The hashed value should be "a2374c309ab7823dcd9b4e21dae7511f7a9c7ec5". Why is it that cakephp is converting the password into another hash value?


Solution

There are two ways of using $this->Auth->login(). The CakePHP API documentation explains it:

If a $user is provided that data will be stored as the logged in user. If $user is empty or not specified, the request will be used to identify a user.

The manual also mentions:

In 2.0 $this->Auth->login($this->request->data) will log the user in with whatever data is posted ...

So for the login method of the users controller you shouldn't pass anything:

if($this->Auth->login()) {
    // user is now logged in
}

Should you need to manually login a user you can pass the user data as an array:

if($this->Auth->login($this->request->data['User'])) {
    // user is now logged in
}

Where $this->request->data['User'] is something like:

array(
    'id' => 1,
    'username' => 'admin',
    'password' => '1234',
);

Note: In both cases you don't need to hash the password as it is done automatically.



Answered By - Pádraig Galvin
Answer Checked By - Katrina (PHPFixing Volunteer)

0 Comments:

Post a Comment

Note: Only a member of this blog may post a comment.

Total Pageviews

Featured Post

Why Learn PHP Programming

Why Learn PHP Programming A widely-used open source scripting language PHP is one of the most popular programming languages in the world. It...