My login page isn’t working. The error must be coming from the password encryption or authentication.
I modified the error code on the login page to tell me whether the username or the password generated the error.
It says username when I enter an invalid username and it tells me password when the password doesn’t authenticate.
Here is my code, if you could help me track down my problem.
UserIdentity:
class UserIdentity extends CUserIdentity
{
private $_id;
public function authenticate()
{
$user=User::model()->findByAttributes(array('username'=>$this->username));
if($user===null)
{
$this->errorCode=self::ERROR_USERNAME_INVALID;
}
else
{
if($user->password!==$user->encrypt($this->password))
{
$this->errorCode=self::ERROR_PASSWORD_INVALID;
}
else
{
$this->_id = $user->id;
$this->errorCode=self::ERROR_NONE;
}
}
return !$this->errorCode;
}
public function getId()
{
return $this->_id;
}
}
LoginForm (the authenticate and login methods to keep length down):
public function authenticate($attribute,$params)
{
if(!$this->hasErrors())
{
$this->_identity=new UserIdentity($this->username,$this->password);
if(!$this->_identity->authenticate())
{
if($this->_identity->errorCode === UserIdentity::ERROR_USERNAME_INVALID){$error = "username";}
if($this->_identity->errorCode === UserIdentity::ERROR_PASSWORD_INVALID){$error = "password";}
$this->addError('password', "$error is invalid");
}
}
}
public function login()
{
if($this->_identity===null)
{
$this->_identity=new UserIdentity($this->username,$this->password);
$this->_identity->authenticate();
}
if($this->_identity->errorCode===UserIdentity::ERROR_NONE)
{
$duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days
Yii::app()->user->login($this->_identity,$duration);
return true;
}
else
return false;
}
[b]
the login view:[/b]
<div class="form">
<?php $form=$this->beginWidget('CActiveForm', array(
'id'=>'login-form',
'enableClientValidation'=>true,
'clientOptions'=>array(
'validateOnSubmit'=>true,
),
)); ?>
<p class="note">Fields with <span class="required">*</span> are required.</p>
<div class="row">
<?php echo $form->labelEx($model,'email'); ?>
<?php echo $form->textField($model,'username'); ?>
<?php echo $form->error($model,'username'); ?>
</div>
<div class="row">
<?php echo $form->labelEx($model,'password'); ?>
<?php echo $form->passwordField($model,'password'); ?>
<?php echo $form->error($model,'password'); ?>
</div>
<div class="row rememberMe">
<?php echo $form->checkBox($model,'rememberMe'); ?>
<?php echo $form->label($model,'rememberMe'); ?>
<?php echo $form->error($model,'rememberMe'); ?>
</div>
<div class="row buttons">
<?php echo CHtml::submitButton('Login'); ?>
</div>
<?php $this->endWidget(); ?>
</div><!-- form -->
User model: (just the afterValidate and encrypt methods)
protected function afterValidate()
{
parent::afterValidate();
$this->password = $this->encrypt($this->password);
}
public function encrypt($value)
{
return sha1($value);
}
If there is code you need to see that I neglected to add please let me know.
This has me stumped right now.
ok so to track down the error, I made the encrypt method return the raw value.
The login works fine after that with a new user created that has a raw password stored.
This means the error is with the encryption. I have tried sha1 and md5 and neither have worked.