The following does work:
// app/Controller/UsersController.php
$this->User->save(array('pwd'=>$new_pwd),false);
The following does not work:
// app/Controller/UsersController.php
$this->User->setPassword($new_pwd);
The User
model has the beforeSave()
which works and the custom method setPassword()
that does not:
// app/Model/User.php
public function beforeSave($options = array()) {
if (isset($this->data[$this->alias]['pwd'])&&!empty($this->data[$this->alias]['pwd'])) {
$new_password = $this->data[$this->alias]['pwd'];
$passwordHasher = new BlowfishPasswordHasher();
$this->data[$this->alias]['pwd'] = $passwordHasher->hash($new_password);
}
return true;
}
public function setPassword($new_password) {
$passwordHasher = new BlowfishPasswordHasher();
$result = $this->save(array(
'pwd' => $passwordHasher->hash($new_password),
), false);
return $result;
}
So the setPassword()
is more or less identical yet whenever I try to log in with the password saved that way, $this->Auth->login()
returns false. I can see the password hash updated in the database though.
Am I missing something? Please help
setPassword()
internally also calls beforeSave()
via save()
.
It becomes pretty clear that you are hashing it twice then, making it impossible to be used anymore.