Can't get Auth login to work with CakePHP 2.0

Question

I'm trying to get a simple login form to work using CakePHP 2.0... just Auth, no ACLs for now.

I'm able to see the form and enter the email and password as they are in the database, but I just get returned to the form and the flash error message is displayed. Here is my code:

AppController:

 class AppController extends Controller
 {
     function beforeFilter()
     {
         $this->Auth->userModel = 'Users';
         $this->Auth->fields = array('username' => 'email', 'password' => 'password'); //have to put both, even if we're just changing one
         $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
         $this->Auth->loginRedirect = array('controller' => 'hotels', 'action' => 'dashboard');
         $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
     }
 }

login.ctp:

<?php
         echo $this->Form->create('User', array('action' => 'login'));
         echo $this->Form->input('email');
         echo $this->Form->input('password');
         echo $this->Form->end('Login');
     ?>

UsersController:

 class UsersController extends AppController
 {
     var $name = 'Users';
     var $helpers = array('Html','Form');
     var $components = array('Auth','Session');

     function beforeFilter()
     {
         $this->Auth->allow("logout");
         parent::beforeFilter();
     }

     function index() { } //Redirects to login()

     function login()
     {
         if ($this->Auth->login())
         {
             $this->redirect($this->Auth->redirect());
         } else
         {
             $this->Session->setFlash(__('Invalid username or password, try again'));
         }
     }

     function logout()
     {
         $this->redirect($this->Auth->logout());
     }
 }
 ?>

I appreciate any help with this. Thanks!

Answer 1

The "Invalid username or password, try again" error is displayed after you hit login?

There are a few things you should check:

• Is the output of $this->Auth->login() identical to the information in your database? Put debug($this->Auth->login()) to see the output in your login method after the form is submitted.

• Are the passwords correctly hashed in the database?

• Try making the AuthComponent available to all your controllers not just the UsersController.

• Not sure if this makes a difference, but call parent::beforeFilter(); before anything else in your controller's beforeFilter method.

EDIT:

Is see that you're trying to validate based on email and password. As a default AuthComponent expects a username and password. You have to explicitly state that you want the email and password to be validated by $this->Auth->login(). This comes from the 2.0 documentation:

public $components = array(
    'Auth'=> array(
        'authenticate' => array(
            'Form' => array(
                'fields' => array('username' => 'email')
            )
        )
    )
);

The fact that you're not seeing any SQL output is to be expected, I believe.

Answer 2

Also you must check if your field "password" in database is set to VARCHAR 50.

It happens to me that I was truncating the hashed password in DB and Auth never happened.

Answer 3

if you are not using defalut "username", "password" to auth, you cant get login e.g., you use "email"

you should edit component declaration in your controller containing your login function:

$component = array('Auth' => array(
  'authenticate' => array(
    'Form' => array(
      'fields' => array('username' => 'email', 'password' => 'mot_de_passe')
    )
  )
));