mirror of
https://github.com/kamilwylegala/cakephp2-php8.git
synced 2025-01-19 11:06:15 +00:00
Extracting password hashing into as separate method.
This makes is much easier for a subclass to only change how passwords are hashed.
This commit is contained in:
parent
957a75c45e
commit
7cabb4e4d5
3 changed files with 16 additions and 2 deletions
|
@ -73,7 +73,7 @@ abstract class BaseAuthenticate {
|
||||||
|
|
||||||
$conditions = array(
|
$conditions = array(
|
||||||
$model . '.' . $fields['username'] => $username,
|
$model . '.' . $fields['username'] => $username,
|
||||||
$model . '.' . $fields['password'] => AuthComponent::password($password),
|
$model . '.' . $fields['password'] => $this->_password($password),
|
||||||
);
|
);
|
||||||
if (!empty($this->settings['scope'])) {
|
if (!empty($this->settings['scope'])) {
|
||||||
$conditions = array_merge($conditions, $this->settings['scope']);
|
$conditions = array_merge($conditions, $this->settings['scope']);
|
||||||
|
@ -89,6 +89,17 @@ abstract class BaseAuthenticate {
|
||||||
return $result[$model];
|
return $result[$model];
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* Hash the plain text password so that it matches the hashed/encrytped password
|
||||||
|
* in the datasource.
|
||||||
|
*
|
||||||
|
* @param string $password The plain text password.
|
||||||
|
* @return string The hashed form of the password.
|
||||||
|
*/
|
||||||
|
protected function _password($password) {
|
||||||
|
return Security::hash($password, null, true);
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* Authenticate a user based on the request information.
|
* Authenticate a user based on the request information.
|
||||||
*
|
*
|
||||||
|
|
|
@ -65,4 +65,4 @@ class FormAuthenticate extends BaseAuthenticate {
|
||||||
);
|
);
|
||||||
}
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
|
@ -661,6 +661,9 @@ class AuthComponent extends Component {
|
||||||
/**
|
/**
|
||||||
* Hash a password with the application's salt value (as defined with Configure::write('Security.salt');
|
* Hash a password with the application's salt value (as defined with Configure::write('Security.salt');
|
||||||
*
|
*
|
||||||
|
* This method is intended as a convenience wrapper for Security::hash(). If you want to use
|
||||||
|
* a hashing/encryption system not supported by that method, do not use this method.
|
||||||
|
*
|
||||||
* @param string $password Password to hash
|
* @param string $password Password to hash
|
||||||
* @return string Hashed password
|
* @return string Hashed password
|
||||||
* @link http://book.cakephp.org/view/1263/password
|
* @link http://book.cakephp.org/view/1263/password
|
||||||
|
|
Loading…
Add table
Reference in a new issue