Turn of Cakephp Auth password hashing
https://stackoverflow.com/questions/1894203
-
19-09-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am upgrading a cakephp app at my new job from l.1 to 1.2. I am replacing the homegrown 1.1 authorization code with the great Auth component. The problem is that the passwords are not hashed in the legacy DB. How can I turn off the password hashing temporarily so I can start using the Auth component.
Don't worry, I will hash the passwords and change this later.
Solution
Here is the solution adapted from another stack overflow answer. By overriding the User::hashPassword model to do nothing basically.
How do I replace the cakephp password hashing algorithm?
<?php
class User extends AppModel {
var $name = 'User';
// this is used by the auth component to turn the password into its hash before comparing with the DB
function hashPasswords($data) {
return $data;
}
}
?>
OTHER TIPS
Technically you could just hash all the passwords in the database in one swoop, using the query below. BACKUP YOUR TABLE FIRST!
UPDATE user_table SET password = SHA1(password)
From the CakePHP manual, the default hashing scheme is SHA-1, so unless you've changed it this should do it. SHA1 is a built-in MySQL function, though I assume it's available in most other databases as well.
