How to check if password and password_repeat match given password hashing?

L

lenkagruzd2018-10-19 08:37:28

Yii

lenkagruzd, 2018-10-19 08:37:28

Good day.
Stuck at the moment of checking the re-entered password, taking into account hashing. Throws a mismatch.
More. Controller:

public function actionRegistration() {

        if (!Yii::$app->user->isGuest) {
            return $this->redirect('/');
        }

        $model = new User();

        if ($model->load(Yii::$app->request->post())) {
                if (!User::find()->where(['username' => $model->username])->limit(1)->all()) {
                    $model->setPassword($model->password);
                    if ($model->save()) {
                        $login = new LoginForm();
                        $login->username = $model->username;
                        $login->password = $model->password;
                        $login->login();
                        return $this->redirect('/page/contact');
                    } else {
                        Yii::$app->session->setFlash('er', "Произошла ошибка, введите данные повторно.");
                    }
                } else {
                    Yii::$app->session->setFlash('exist', "Пользователь с таким именем существует.");
                }
        }

        return $this->render('registration', compact('model'));
    }

In the User model.

public function rules()
    {
        return [
            ['username', 'required', 'message' => 'Поле является обязательным.'],
            ['password', 'required', 'message' => 'Поле является обязательным.'],
            ['username', 'unique', 'message' => 'Пользователь с таким логином существует.'],
            ['password', 'string', 'min' => 6],
            ['password_repeat', 'required'],
            ['password_repeat', 'compare', 'compareAttribute'=> 'password'],
            [['created_at', 'invite'],  'safe'],

        ];
    }

public function setPassword($password) {
        $this->password = Yii::$app->security->generatePasswordHash($password);
    }

    public function validatePassword($password)
    {
        return Yii::$app->security->validatePassword($password, $this->password);
    }

What I get as an output:
1) The password is hashed at the setPassword stage
2) The repeated password remains without hashing.
3) The comparison fails.
What stupid things I tried:
1) Hashed password_repeat and compared with password. It is logical that nothing happened.
2) Circled around validatePassword but didn't get anything. Looks like he's completely screwed up.

Reply

Answer the question

In order to leave comments, you need to log in

[[+comments_count]] answer(s)

D

Dmitry, 2018-10-19
@slo_nik

Good Morning.

public function validatePassword($password)
    {
        return Yii::$app->security->validatePassword($password, $this->password_hash);
    }

    public function setPassword($password) 
    {
        $this->password_hash = Yii::$app->security->generatePasswordHash($password);
    }

This can be moved to rules()

} else {
   Yii::$app->session->setFlash('exist', "Пользователь с таким именем существует.");
}

Accordingly, such verification is not necessary.

if (!User::find()->where(['username' => $model->username])->limit(1)->all()) {