Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
R
R
rhost2014-06-08 12:42:58
Yii
rhost, 2014-06-08 12:42:58

CPasswordHelper::verifyPassword() how does it work?

It's not clear how it works, maybe I'm doing something wrong
UserIdentity.php

private $_id;

public function authenticate(){

 $record = Users::model()->findByAttributes(array('login' => $this->username));

   if($record === null){
       $this->errorCode = self::ERROR_USERNAME_INVALID;
   }else if(CPasswordHelper::verifyPassword($this->password, $record->password)){
        $this->_id = $record->id;
  $this->errorCode = self::ERROR_NONE;

   }else{
  $this->errorCode = self::ERROR_PASSWORD_INVALID;
   }
   return !$this->errorCode;
}

Users.php
public function authenticate(){
    
   $identity = new UserIdentity($this->login, $this->password);

     if($identity->authenticate()){
   Yii::app()->user->login($identity,3600*24*30);
   return true;
     }else{
  $this->addError('password',"Неправильный логин или пароль.");
  return false;
    }
}

Authorization does not work, I’ve been sitting for 2 days and I can’t understand what I’m doing wrong, please help me figure it out.

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

5 answer(s)
Report
R
rhost, 2015-03-04
@hoOstel

Users.php

public function hashPassword($password){
     return CPasswordHelper::hashPassword($password);
}

public function validatePassword($password){
    return CPasswordHelper::verifyPassword($password,$this->password);
}

UserIdentity.php
public function authenticate(){

    $user = Users::model()->findByAttributes(array('login' => $this->username));

    if($user === null){
      $this->errorCode = self::ERROR_USERNAME_INVALID;
    }else if(!$user->validatePassword($this->password)){
      $this->errorCode = self::ERROR_PASSWORD_INVALID;
    }else{
      $this->_id = $user->id;
      $this->setState('login', $user->login);
      $this->errorCode = self::ERROR_NONE;
    }
    return $this->errorCode == self::ERROR_NONE;
  }

Report
S
Sergey, 2014-06-08
Protko @Fesor

www.yiiframework.com/doc/api/1.1/CPasswordHelper#v...
that's how shitty it works. It simply generates a hash of the password and compares it. Not the most secure way.
The reasons for which authorization may not pass are - $this->password contains something incorrect, or you are passing an already hashed password, or an unhashed password in the user model, etc.

Report
D
Dzhemchik, 2014-11-26
@dzhem911

Good afternoon.
Have you resolved this issue? Faced this problem. I'm also sitting for the 2nd day)

Report
D
des1roer, 2015-03-04
@des1roer

des1roer.blogspot.ru/2015/02/yii.html
only there without salt

Report
P
pirogtm, 2015-04-28
@pirogtm

Also struggled with the problem. And the problem turned out to be simple: the database did not have enough length for the password field.

Similar questions
N
Niko True2015-06-16 19:00:28
How to make an sms gateway? 4Reply
T
teodor7teodor72016-06-09 09:44:05
How to make yii2 REST fetch start, limit? 2Reply
K
ktotaika2018-11-08 15:17:39
How to organize search by related fields in Yii2? 1Reply
S
SlimSavernake2016-06-09 16:41:15
How to show phone from database in yii2 using pjax? 3Reply
M
Maxim2016-06-10 09:43:24
How to update a value in a database? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question