Login issue: encrypted password not authenticating

pablom · June 15, 2011, 11:13pm

Hi everyone, first of all I have to say that my mother language isn’t english. srry for my bad english.

Well, my problem is that my login page isn’t working. I dump the outputs of password and encrypted password variables and they are exactly the same… I don’t have any idea why the authenticate function it’s returning false.

here is part of my code:

UserIdentity




	private $_id;

	/**

	* Authenticates a user using the User data model.

	* @return boolean whether authentication succeeds.

	*/

	public function authenticate()

	{

		$user=Usuario::model()->findByAttributes(array('login'=>$this->username));

		

		if($user===null){

			$this->errorCode=self::ERROR_USERNAME_INVALID;

		}else{

		    // output here the passwords; be sure that at least one log route is enabled!

		    Yii::log('encrypted db password: '.$user->clave,'trace', "application.controllers.SiteController");

		    Yii::log('input password: '.$this->password.' / encrypted: '.$user->encrypt($this->password),'trace', "application.controllers.SiteController");

			Yii::log('la comparacion es = '.strcmp($user->clave,$user->encrypt($this->password)),'trace', "application.controllers.SiteController");

			if(strcmp($user->clave,$user->encrypt($this->password)) != 0){

				$this->errorCode=self::ERROR_PASSWORD_INVALID;

			}else{

				$this->_id = $user->id;

			}

		}

		return !$this->errorCode;

	}

	

	public function getId()

	{

		return $this->_id;

	}

LoginForm


	public function authenticate($attribute,$params)

	{

		if(!$this->hasErrors())

		{

			$this->_identity=new UserIdentity($this->username,$this->password);

			if(!$this->_identity->authenticate())

				$this->addError('password','Incorrect username or password.');

		}

	}


	/**

	 * Logs in the user using the given username and password in the model.

	 * @return boolean whether login is successful

	 */

	public function login()

	{

		if($this->_identity===null)

		{

			$this->_identity=new UserIdentity($this->username,$this->password);

			$this->_identity->authenticate();

		}

		if($this->_identity->errorCode===UserIdentity::ERROR_NONE)

		{

			$duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days

			Yii::app()->user->login($this->_identity,$duration);

			return true;

		}

		else

			return false;

	}

login view




	<p class="note">Fields with <span class="required">*</span> are required.</p>


	<div class="row">

		<?php echo $form->labelEx($model,'Usuario'); ?>

		<?php echo $form->textField($model,'username'); ?>

		<?php echo $form->error($model,'username'); ?>

	</div>


	<div class="row">

		<?php echo $form->labelEx($model,'Contrase&ntilde;a'); ?>

		<?php echo $form->passwordField($model,'password'); ?>

		<?php echo $form->error($model,'password'); ?>

		<p class="hint">

			Hint: You may login with <tt>demo/demo</tt> or <tt>admin/admin</tt>.

		</p>

	</div>


	<div class="row rememberMe">

		<?php echo $form->checkBox($model,'rememberMe'); ?>

		<?php echo $form->label($model,'rememberMe'); ?>

		<?php echo $form->error($model,'rememberMe'); ?>

	</div>


	<div class="row buttons">

		<?php echo CHtml::submitButton('Login'); ?>

	</div>

Usuario (model)




	protected function afterValidate()

	{

		parent::afterValidate();

		$this->clave = $this->encrypt($this->clave);

	}

	

	public function encrypt($value)

	{

		return md5($value);

	}

Here is the trace of log

23:16:39.873039 trace system.db.ar.CActiveRecord

Usuario.findByAttributes()

in C:\wamp\www\enlaceOficios\protected\components\UserIdentity.php (17)