Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
R
R
rhost2014-06-08 12:42:58
Yii
rhost, 2014-06-08 12:42:58

CPasswordHelper::verifyPassword() how does it work?

It's not clear how it works, maybe I'm doing something wrong
UserIdentity.php

private $_id;

public function authenticate(){

 $record = Users::model()->findByAttributes(array('login' => $this->username));

   if($record === null){
       $this->errorCode = self::ERROR_USERNAME_INVALID;
   }else if(CPasswordHelper::verifyPassword($this->password, $record->password)){
        $this->_id = $record->id;
  $this->errorCode = self::ERROR_NONE;

   }else{
  $this->errorCode = self::ERROR_PASSWORD_INVALID;
   }
   return !$this->errorCode;
}

Users.php
public function authenticate(){
    
   $identity = new UserIdentity($this->login, $this->password);

     if($identity->authenticate()){
   Yii::app()->user->login($identity,3600*24*30);
   return true;
     }else{
  $this->addError('password',"Неправильный логин или пароль.");
  return false;
    }
}

Authorization does not work, I’ve been sitting for 2 days and I can’t understand what I’m doing wrong, please help me figure it out.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
R
rhost, 2015-03-04
@hoOstel

Users.php

public function hashPassword($password){
     return CPasswordHelper::hashPassword($password);
}

public function validatePassword($password){
    return CPasswordHelper::verifyPassword($password,$this->password);
}

UserIdentity.php
public function authenticate(){

    $user = Users::model()->findByAttributes(array('login' => $this->username));

    if($user === null){
      $this->errorCode = self::ERROR_USERNAME_INVALID;
    }else if(!$user->validatePassword($this->password)){
      $this->errorCode = self::ERROR_PASSWORD_INVALID;
    }else{
      $this->_id = $user->id;
      $this->setState('login', $user->login);
      $this->errorCode = self::ERROR_NONE;
    }
    return $this->errorCode == self::ERROR_NONE;
  }

Report
S
Sergey, 2014-06-08
Protko @Fesor

www.yiiframework.com/doc/api/1.1/CPasswordHelper#v...
that's how shitty it works. It simply generates a hash of the password and compares it. Not the most secure way.
The reasons for which authorization may not pass are - $this->password contains something incorrect, or you are passing an already hashed password, or an unhashed password in the user model, etc.

Report
D
Dzhemchik, 2014-11-26
@dzhem911

Good afternoon.
Have you resolved this issue? Faced this problem. I'm also sitting for the 2nd day)

Report
D
des1roer, 2015-03-04
@des1roer

des1roer.blogspot.ru/2015/02/yii.html
only there without salt

Report
P
pirogtm, 2015-04-28
@pirogtm

Also struggled with the problem. And the problem turned out to be simple: the database did not have enough length for the password field.

Similar questions
Y
Yura Mailler2021-04-01 17:40:00
How to hide buttons in a VK bot and enable others? 3Reply
Z
Zhenya Starikov2021-10-26 17:30:05
How to change table with migration history for multiple databases, yii2? 1Reply
M
Maxim Grechushnikov2016-03-17 20:33:10
Yii2: How to translate REST response? 1Reply
M
mitaichik2016-03-18 16:56:36
How to write conditions in with/joinWith? 1Reply
B
Bulat Damdinov2013-12-18 05:56:18
How to write a database query in Yii? 2Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question