Using cakephp Auth with salted password hashes

Question

Using cakephp Auth with salted password hashes

How can I make the Auth cakephp component create, use and store a random salt with a password?

+3

security php cakephp

Malfist Jun 17 '10 at 10:57

source share

3 answers

There is no such function in the Auth component. Take a look at CakePHP Random Line Generator .

0

bancer Jun 18 '10 at 0:45

source share

-, Auth, .

0

deceze 18 . '10 1:28

codegy · Accepted Answer · 2010-06-18T02:22:26+0000

You can start here http://book.cakephp.org/view/566/Change-Hash-Function and set the variable $authenticateto your user model:

class User extends AppModel {
    function hashPasswords($data) {
        if (isset($data['User']['password'])) {
            //Get the user to get the salt
            $user = $this->findByUsername($data['User']['username']);
            //Let say you have a "salt" field in your db 
            $data['User']['password'] = md5($data['User']['password'].$user['User']['salt']);
            return $data;
        }
        return $data;
    }
}

Using cakephp Auth with salted password hashes

More articles: