I'm having trouble implementing Blowfish Hashing in CakePHP. I've done it many times before but something really strange is happening this time.
When I do this in my Model:
<?php
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');
class Person extends AppModel {
public $hasAndBelongsToMany = 'Client';
public $belongsTo = 'Role';
public function beforeSave($options = array()) {
if (!$this->id) {
$passwordHasher = new BlowfishPasswordHasher();
debug($passwordHasher->hash($this->data[$this->alias]['password']));
debug($passwordHasher->hash($this->data[$this->alias]['password']));
debug($passwordHasher->hash($this->data[$this->alias]['password']));
debug($passwordHasher->hash($this->data[$this->alias]['password']));
debug($passwordHasher->hash($this->data[$this->alias]['password']));
debug($passwordHasher->hash($this->data[$this->alias]['password']));
$this->data[$this->alias]['password'] = $passwordHasher->hash($this->data[$this->alias]['password']);
}
return true;
}
}
It outputs 6 different passwords:
/app/Model/Person.php (line 9)
'$2a$10$Ow67P5proa7LqBwlXCLFQOc/2WyfvSVNtBLNA5PMb2wxWuoK0mrvq'
/app/Model/Person.php (line 10)
'$2a$10$ZI5xv9SmLafBZOaikaIWY.jqyX68mS9RqvF4WbaxEuIj67ddKGguG'
/app/Model/Person.php (line 11)
'$2a$10$.5gRV3aQ8M/gDHVsSRmRpur8ugXjEidxPwTyuv5NVDUu3tHbCdmoC'
/app/Model/Person.php (line 12)
'$2a$10$58zHo0qAZSLa/KqTFvs6uOxjT0Ua1HlnGmQE5xpKf09in7Di9gCXa'
/app/Model/Person.php (line 13)
'$2a$10$MbHTtqgaCTfbK8JVO5Ad6.JKR3Zvipyv3yeid7Zb5MGx38.fufUCG'
/app/Model/Person.php (line 14)
'$2a$10$ya3gqRwR2osjAsS0jpuDcu/JNkKrvzZpy/Vsk4nBNY213JrwylDUa'
How is that even possible? What could I possibly be doing wrong?
For reference's sake, my components implementation looks like this but the issue occurs when I'm using scaffold as well:
<?php
class PeopleController extends AppController {
public $components = array(
'Auth' => array(
'loginAction' => array(
'controller' => 'people',
'action' => 'login'
),
'authenticate' => array(
'Form' => array(
'fields' => array('username' => 'email'),
'userModel' => 'Person',
'passwordHasher' => 'Blowfish'
)
)
)
);
Edit:
Just to clarify, what I'm trying to get working here is the basic login functionality. My login action looks like this:
public function login() {
if ($this->request->is('post')) {
if ($this->Auth->login()) {
return $this->redirect($this->Auth->redirectUrl());
}
else {
$this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
}
}
}
And my view looks like this:
<h2>Login</h2>
<?php echo $this->Session->flash('auth'); ?>
<?php echo $this->Form->create('Person', array('action' => 'login')); ?>
<?php echo $this->Form->input('email'); ?>
<?php echo $this->Form->input('password'); ?>
<?php echo $this->Form->end('Submit'); ?>