https://stackoverflow.com/questions/21738555
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
Russianok this the answer FISRT AND IMPORTANT MY VESION OF CAKE PHP IS 2.4.5
I did read: http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#hashing-passwords
and I after of this I did a lot debugs and I see that my password is not the same that the pasword of mi Database. but this not that simple because i didn't know, how have the same encriptation, and I didn't know what encryptation I was using, so I look for a lot answer here in stackoverflow and this is the best. CakePHP 2.1 Auth->login() not working, but adding user does
the key to all this is here
public function beforeFilter() {
Security::setHash('sha1');//this is the encryption very important
$this->Auth->allow('login','add', 'index');
}
now this is my code final:
MODEL
User.php
<?php
App::uses('SimplePasswordHasher', 'Controller/Component/Auth');
class User extends AppModel {
public $name ='User';
public $validate = array(
'username' => array(
'nonEmpty' => array(
'rule' => array('notEmpty'),
'message' => 'Un nombre de usuario es requerido',
'allowEmpty' => false
),
'between' => array(
'rule' => array('between', 5, 15),
'required' => true,
'message' => 'Los nombre de usuario deben contener entre 5 y 15 caracteres'
),
'unique' => array(
'rule' => array('isUniqueUsername'),
'message' => 'Este nombre de usuario esta en uso.'
),
'alphaNumericDashUnderscore' => array(
'rule' => array('alphaNumericDashUnderscore'),
'message' => 'Nombre de usuario solo puede contener letras numeros y barra baja'
),
),
'password' => array(
'required' => array(
'rule' => array('notEmpty'),
'message' => 'Una contraseña es requerida'
),
'min_length' => array(
'rule' => array('minLength', '6'),
'message' => 'Contraseña debe contener 6 caracteres'
)
),
'password_confirm' => array(
'required' => array(
'rule' => array('notEmpty'),
'message' => 'Por favor confirme su contraseña'
),
'equaltofield' => array(
'rule' => array('equaltofield','password'),
'message' => 'Ambas contraseñas deben ser iguales.'
)
),
'nombre' => array(
'nonEmpty' => array(
'rule' => array('notEmpty'),
'message' => 'Ingresar un nombre es requerido',
'allowEmpty' => false
),
),
'apellido' => array(
'nonEmpty' => array(
'rule' => array('notEmpty'),
'message' => 'Ingresar un apellido es requerido',
'allowEmpty' => false
),
),
'email' => array(
'required' => array(
'rule' => array('email', true),
'message' => 'Porfavor ingrese un correo electronico'
),
'unique' => array(
'rule' => array('isUniqueEmail'),
'message' => 'Este correo esta en uso',
),
'between' => array(
'rule' => array('between', 6, 60),
'message' => 'Nombres usuario debe contener de 6 a 60 caracteres'
)
),
'tipo_usuario' => array(
'valid' => array(
'rule' => array('inList', array('administrador', 'azucar', 'soya', 'avicola')),
'message' => 'Porfavor ingrese un tipo de usuario valido',
'allowEmpty' => false
)
),
'password_update' => array(
'min_length' => array(
'rule' => array('minLength', '6'),
'message' => 'Contraseña debe tener 6 caracteres',
'allowEmpty' => true,
'required' => false
)
),
'password_confirm_update' => array(
'equaltofield' => array(
'rule' => array('equaltofield','password_update'),
'message' => 'Ambos deberian ser iguales.',
'required' => false,
)
)
);
/**
* Before isUniqueUsername
* @param array $options
* @return boolean
*/
function isUniqueUsername($check) {
$username = $this->find(
'first',
array(
'fields' => array(
'User.id',
'User.username'
),
'conditions' => array(
'User.username' => $check['username']
)
)
);
if(!empty($username)){
if($this->data[$this->alias]['id'] == $username['User']['id']){
return true;
}else{
return false;
}
}else{
return true;
}
}
/**
* Before isUniqueEmail
* @param array $options
* @return boolean
*/
function isUniqueEmail($check) {
$email = $this->find(
'first',
array(
'fields' => array(
'User.id'
),
'conditions' => array(
'User.email' => $check['email']
)
)
);
if(!empty($email)){
if($this->data[$this->alias]['id'] == $email['User']['id']){
return true;
}else{
return false;
}
}else{
return true;
}
}
public function alphaNumericDashUnderscore($check) {
// $data array is passed using the form field name as the key
// have to extract the value to make the function generic
$value = array_values($check);
$value = $value[0];
return preg_match('/^[a-zA-Z0-9_ \-]*$/', $value);
}
public function equaltofield($check,$otherfield)
{
//get name of field
$fname = '';
foreach ($check as $key => $value){
$fname = $key;
break;
}
return $this->data[$this->name][$otherfield] === $this->data[$this->name][$fname];
}
/**
* Before Save
* @param array $options
* @return boolean
*/
public function beforeSave($options = array()) {
// hash our password
if (!$this->id) {
$passwordHasher = new SimplePasswordHasher();
$this->data['User']['password'] = $passwordHasher->hash($this->data['User']['password']);
}
// if we get a new password, hash it
if (isset($this->data[$this->alias]['password_update']) && !empty($this->data[$this->alias]['password_update'])) {
$this->data[$this->alias]['password'] = $passwordHasher->hash($this->data[$this->alias]['password_update']);
}
// fallback to our parent
//return parent::beforeSave($options);
return true;
}
}
?>
impotartant
AppController.php
<?php
/**
* Application level Controller
*
* This file is application-wide controller file. You can put all
* application-wide controller-related methods here.
*
* CakePHP(tm) : Rapid Development Framework (http://cakephp.org)
* Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
*
* Licensed under The MIT License
* For full copyright and license information, please see the LICENSE.txt
* Redistributions of files must retain the above copyright notice.
*
* @copyright Copyright (c) Cake Software Foundation, Inc. (http://cakefoundation.org)
* @link http://cakephp.org CakePHP(tm) Project
* @package app.Controller
* @since CakePHP(tm) v 0.2.9
* @license http://www.opensource.org/licenses/mit-license.php MIT License
*/
App::uses('Controller', 'Controller');
/**
* Application Controller
*
* Add your application-wide methods in the class below, your controllers
* will inherit them.
*
* @package app.Controller
* @link http://book.cakephp.org/2.0/en/controllers.html#the-app-controller
*/
class AppController extends Controller {
public $components = array(
'DebugKit.Toolbar',
'Session',
'Auth' => array(
'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
'authError' => 'Tu tienes que estas logueado para ver la pagina.',
'loginError' => 'Invalido nombre de usuario ingresado.',
'authorize'=> array('Controller'),
'authenticate' => array('Form')
));
// only allow the login controllers only
public function beforeFilter() {
Security::setHash('sha1');
$this->Auth->allow('login','add', 'index');
}
public function isAuthorized($user) {
// Here is where we should verify the role and give access based on role
return true;
}
}
Important
UsersController.php
<?php
App::uses('AppController', 'Controller');
class UsersController extends AppController {
public $helpers = array('Html','Form');
public $name = 'Users';
public $paginate = array(
'limit' => 25,
'conditions' => array('aprobacion' => '1'),
'order' => array('User.username' => 'asc' )
);
public function beforeFilter() {
parent::beforeFilter();
}
public function login() {
// if we get the post information, try to authenticate
debug(Security::hash($this->data['User']['password']));
debug($this->data);
if ($this->request->is('post')) {
debug($this->Session->check('Auth.User'));
if ($this->Auth->login()) {
$this->Session->setFlash(__('Bienvenido, '. $this->Auth->user('username')));
return $this->redirect($this->Auth->redirectUrl());
} else {
$this->Session->setFlash(__('Invalido nombre de usuario o contraseña'));
}
}
}
public function logout() {
$this->redirect($this->Auth->logout());
}
public function index() {
$this->paginate = array(
'limit' => 6,
'order' => array('User.username' => 'asc' )
);
$users = $this->paginate('User');
$this->set(compact('users'));
}
public function add() {
if ($this->request->is('post')) {
$this->User->create();
if ($this->User->save($this->request->data)) {
$this->Session->setFlash(__('El usuario fue creado'));
$this->redirect(array('action' => 'index'));
} else {
$this->Session->setFlash(__('Posiblemente el usuario no fue creado. Intente de nuevo'));
}
}
}
public function edit($id = null) {
if (!$id) {
$this->Session->setFlash('Porfavor provea un id de usuario');
$this->redirect(array('action'=>'index'));
}
$user = $this->User->findById($id);
if (!$user) {
$this->Session->setFlash('El id proporcionado no es valido');
$this->redirect(array('action'=>'index'));
}
if ($this->request->is('post') || $this->request->is('put')) {
$this->User->id = $id;
if ($this->User->save($this->request->data)) {
$this->Session->setFlash(__('El usuario fue modificado'));
$this->redirect(array('action' => 'edit', $id));
}else{
$this->Session->setFlash(__('Disponible solo para actualizar tu usuario.'));
}
}
if (!$this->request->data) {
$this->request->data = $user;
}
}
public function delete($id = null) {
if (!$id) {
$this->Session->setFlash('Porfavor provea un id de usuario');
$this->redirect(array('action'=>'index'));
}
$this->User->id = $id;
if (!$this->User->exists()) {
$this->Session->setFlash('El id proporcionado no es valido');
$this->redirect(array('action'=>'index'));
}
if ($this->User->saveField('aprobacion', 0)) {
$this->Session->setFlash(__('Usuario borrado'));
$this->redirect(array('action' => 'index'));
}
$this->Session->setFlash(__('Usuario no fue borrado'));
$this->redirect(array('action' => 'index'));
}
public function activate($id = null) {
if (!$id) {
$this->Session->setFlash('Porfavor provea un id de usuario');
$this->redirect(array('action'=>'index'));
}
$this->User->id = $id;
if (!$this->User->exists()) {
$this->Session->setFlash('El id proporcionado no es valido');
$this->redirect(array('action'=>'index'));
}
if ($this->User->saveField('aprobacion', 1)) {
$this->Session->setFlash(__('Usuario re-activado'));
$this->redirect(array('action' => 'index'));
}
$this->Session->setFlash(__('Usuario no fue re-activado'));
$this->redirect(array('action' => 'index'));
}
}
?>
NOw
login.ctp
<div class="users form">
<?php echo $this->Session->flash('auth'); ?>
<?php echo $this->Form->create('User'); ?>
<fieldset>
<legend><?php echo ('Porfavor ingresa tu nombre de usuario y contraseña'); ?></legend>
<?php
echo $this->Form->input('username', array('label' => 'Nombre de Usuario', 'maxLength' => 60));
echo $this->Form->input('password', array('label' => 'Contraseña', 'maxLength' => 60));
?>
</fieldset>
<?php echo $this->Form->end(('Login')); ?>
</div>
<?php
echo $this->Html->link( "Agregar un nuevo usuario", array('action'=>'add') );
?>
just use imagination for edit.ctp, add.ctp
