Here was my (not so pretty solution)....
In controllers/components/mycustomauthcomponent.php:
<?
require( CAKE_CORE_INCLUDE_PATH . DS . 'cake/libs/controller/
components/auth.php' );
class MycustomauthComponent extends AuthComponent {
function password($password) {
return md5( $password );
}
//function __destruct( ) { debug( $this ); die; }
}
?>
The in the app_controller:
var $components = array ('Acl', 'Mycustomauth');
$this->Mycustomauth->authorize = 'actions';
...etc...
It appears to work (not getting parentNode() to execute, but I think
that's a separate problem), but surely there is a more elegant
solution out there.
On Jul 20, 6:27 pm, francky06l <[EMAIL PROTECTED]> wrote:
> Well, I had a chat with Gwoo yesterday about this. Actually the
> security object accept 3 hash methods : sha1 (default), md5 and
> sha256..
>
> The idea, with a derived Auth, to declare $var hashMethod = 'sha1';
> Overwrite the hashPassword function with :
>
> function hashpassword($password)
> {
> Security::hash(CAKE_SESSION_STRING.$password, $this->hashMethod);
>
> This is the idea, you can set the $hasMethod in beforeFilter for
> example. Of course you depend of the methods handled by the security
> class (the 3 mentionned above so far).
>
> Actually I have tested this by modifying, for test purpose, the Auth
> component itself. But that should be be easy in a derived component
> ( I have to test this though..)
>
> Let me know about your progress
>
> On Jul 20, 10:28 pm, "[EMAIL PROTECTED]"
>
> <[EMAIL PROTECTED]> wrote:
> > Can you provide more information on how you overwrote the hash method
> > (Auth::password()) in AuthComponent *without* actually touching the
> > cakephp core code?
>
> > I've been tearing my hair out attempting to do this. I would think you
> > could create a component (e.g., CustomAuth) and override the method,
> > but, alas, this doesn't appear to work like I think it should.
>
> > On Jul 12, 7:41 am, francky06l <[EMAIL PROTECTED]> wrote:
>
> > > Hi bakers,
>
> > > Just wanted to share my experience of integrating the Auth component
> > > into a non-finished application in cake12.
> > > Overall, the component is great and easy to implement, however I had
> > > to deal with some "tricky" features.
>
> > > First the application context:
>
> > > I have users spread out in different centers. Basically a user belongs
> > > to a center. I have then a "Center" model and a "User" model. User
> > > belongsTo a Center.
> > > I can have a user "John Smith" in center A, and another "John Smith"
> > > in center B. Thus on login screen a field "Center name" is also
> > > captured. I can also disabled a complete center, meaning that every
> > > user of this center would fail to login.
>
> > > Using the Auth component, I have set the following in my login
> > > function :
>
> > > if(!empty($this->data))
> > > {
> > > // Add the Center checks
>
> > > $this->Auth->userScope = array( 'Center.disabled' => 0,
>
> > > 'Center.name' => $this->data['Center']['name']);
>
> > > if(!$this->Auth->login($this->data))
> > > {
>
> > > That should do the trick I though ... well not exactly. That does not
> > > work because the Auth component include a -1 as the recursive flag for
> > > the call to User->find.
> > > Workaround : I have added a $recursive variable to the component and
> > > initialized it to -1. Now I just have to add $this->Auth->recursive =
> > > 1; prior to the Auth->login call.
>
> > > Second "small" problem, I need to keep in the Session some fields of
> > > the Center record. For now, the login function of the Auth stores only
> > > $data['User'].
> > > I did solve this, in a "dirty way" by changing the return of the
> > > identify function :
>
> > > return $this->recursive > 0 ? $data : $data[$this->userModel];
>
> > > I am sure the above might give me some problems later, feel free to
> > > give me hints.
>
> > > Another problem that I faced, was the default hash parameters to use.
> > > My DB already had some user password hashed using md5.
> > > I did add a variable called $hashMethod in the component, and
> > > initialized to 'sha1', I can then override the variable if I need
> > > something else. I also added a $hashPrefix initialized to the
> > > CAKE_SESSION_STRING, and I can override it.
> > > The password function is modified as :
>
> > > function password($password) {
> > > return Security::hash($hashPrefix . $password,
> > > $hashMethod);
> > > }
>
> > > The hashPasswords implemented into the startup function gave me some
> > > trouble as well. I have a "changeDetail" function used by any user to
> > > change their details as well as their password. I have set a control
> > > to enforce the password strength such as at least 6 different
> > > characters among them 2 digits.
> > > This rule can't be verified anymore since the startup function will
> > > "hash" my password prior to my verification.
> > > For now the WorkAround is to use another field than "password" into
> > > the view and just add the "password" ($this->data['User']['password']
> > > = $this->Auth->password($this->data['User']['passtrick']) prior to
> > > save.
> > > This is no really "elegant", maybe a "enable/disable" method (or an
> > > array of controller/view to avoid the call to hashPasswords) could be
> > > implemented into the Auth ?
>
> > > That's about it for now. Do not get me wrong, I know I have listed
> > > mainly problems but the Auth is great component. I could work without
> > > the Auth component since my application requires login for every
> > > action (except the login / logout actions of course), but my main
> > > interest is to link it with the cake12 ACL (next step).
>
> > > Again, some of the above might be due to my misunderstanding of the
> > > component, please feel free to suggest or comments.
>
> > > Thanks
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "Cake
PHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
