Solved thread

This post is marked as solved. If you think the information contained on this thread must be part of the official documentation, please contribute submitting a pull request to its repository.

Vokuro based app - cannot login

Hi guys,

A few days ago I started using vokuro as a starting point to build a small, simple app that will help me get even more familiar with Phalcon (I learn more by doing, than by reading). everything has been great so far, but I have a problem with the login step. I used vokuro's Session controller almost as is (removed registration and remember me) and added all the required tables, adding and removing fields as needed. However, I have the following issues.

  • At first, I could not login. Could not find the default password for the used in the sample schema. Does anyone know it?
  • I bypassed the above issue by disabling the check for session and sending a password reset request. But after submitting the password change form, I get a blank screen. Password field is changed, but I still cannot login

Can anyone help me identify the issue? I am not posting code at this point since I am not sure what part of the code may cause the issue. To help you, imagine that the login, ACL and session code is 99% the same as with the Vokuro example. If you need specific parts, I will post them...

Thanks...!

First check you users in the database (be aware of typos in the sql code):

mysql -u YOUR_USER -p YOUR_DATABASE
select name, mustChangePassword,banned,suspended,active from users;

if any of mustChangePassword, banned, suspended or active is 'N' for your user then you can't login.

If that is not your case, the issue most likely is th 1% code change :)

Regards André

Hi André

The user is active and not banned, suspended etc. I managed to nail down the issue to the password. Looks like the following check comes up false, even though I am 100% sure my pass is correct:

$this->security->checkHash($credentials['password'], $user->password

The credentials are passed from the session controller as an array with email and password... Is there any way to set an easy password directly in the database?



3.3k
Accepted
answer

I cannot believe I did not think about the database first!!!

I had set the password field to just varchar(45), too small for most bcrypt hashed passwords!!! I increaded the filed site and re-set the password using the forgot password action. Not it works like a charm!!!

edited Jan '16

Nice job :)

Ignore the below!

Removed due to fix during commenting :)