CODEWITHSUNDEEP
phpmongodbcakephpcakephp-2.3
comebal
comebal

Reputation: 946

How to use Auth in cakephp using mongodb

I have a mongo db structure for users with "username" and "password". I am trying to use the Auth in cakephp login but it seems like its not working for me. I tried removing the $this->data but still it did not work.

My password is hashed using Security::hash($this->data['User']['password'])

if(!empty($this->data))
{
   if($this->Auth->login($this->data))
   {
       echo "yes";
   }
   else{
       echo "no";
   }
}

In my app controller I have this:

public $components = array('DebugKit.Toolbar', 'Session', 'Auth' => array(
    'loginAction' => array(
        'controller' => 'pages',
        'action' => 'home'
    ),
    'authenticate' => array(
        'Form' => array(
            'fields' => array('username' => 'username', 'password' => 'password')
        )
    )
));

Here is the result when I debug the login method:

array(
    'User' => array(
        'password' => '*****',
        'username' => '[email protected]',
        'remember' => '0',
        'auto_login' => '0'
)
)

I don't know why I cannot use Auth with mongodb. Thanks for the help in advance.

EDIT:

When i tried and take away the layout, it shows me a query at the bottom of the page saying:

db.users.find( {"username":"[email protected]","password":"2fdf49ffc396453960802df8fc2417655d1e8fca"}, [] ).sort( [] ).limit( 1 ).skip( 0 )

The hashed value of the password that I inputted from the form is different from the hash value that is being queried. The hashed value should be "a2374c309ab7823dcd9b4e21dae7511f7a9c7ec5". Why is it that cakephp is converting the password into another hash value?

Upvotes: 0

Views: 729

Answers (2)

comebal
comebal

Reputation: 946

I was able to find out the answer. Its because cakephp is automatically hashing the password when searching in the database.

The problem that I had was when I was saving the users' password, I am was using 

Security::hash($this->data['User']['password'])

I should have used this one instead:

AuthComponent::password($this->data['User']['password'])

Thank you for all the help especially to @xgalvin

Upvotes: 1

Pádraig Galvin
Pádraig Galvin

Reputation: 1155

There are two ways of using $this->Auth->login(). The CakePHP API documentation explains it:

If a $user is provided that data will be stored as the logged in user. If $user is empty or not specified, the request will be used to identify a user.

The manual also mentions:

In 2.0 $this->Auth->login($this->request->data) will log the user in with whatever data is posted ...

So for the login method of the users controller you shouldn't pass anything:

if($this->Auth->login()) {
    // user is now logged in
}

Should you need to manually login a user you can pass the user data as an array:

if($this->Auth->login($this->request->data['User'])) {
    // user is now logged in
}

Where $this->request->data['User'] is something like:

array(
    'id' => 1,
    'username' => 'admin',
    'password' => '1234',
);

Note: In both cases you don't need to hash the password as it is done automatically.

Upvotes: 1

Related Questions