We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.

Why $this->security->checkHash function unable work

pls check below logincheck function for $this->security->checkHash,why unable get value for $res.

public function logincheckAction(){ if($this->request->isPost()) { $name = $this->request->getPost("name"); $password = $this->request->getPost("password"); $user =Users::findFirstByName($name); echo $user->password."<br/>"; echo $password;

        $res=$this->security->checkHash($password, $user->password) ;
        echo $res;

    }    
}
edited Jun '16

public function logincheckAction(){ if($this->request->isPost()) { $name = $this->request->getPost("name"); $password = $this->request->getPost("password"); $user =Users::findFirstByName($name); echo $user->password."<br/>"; echo $password;

        echo $this->security->checkHash($password, $user->password);

    }    
}

How exactly checkHash unable to work?

  • maybe User not exist in DB?
  • checkHash doesn't exist? - do you have services "security"?
public function logincheckAction(){
    if ($this->request->isPost()) {
        $name = $this->request->getPost("name");
        $password = $this->request->getPost("password");

        // I prefer to use form validation but ok, let's do this simply
        if (!empty($name) && !empty($password)) {
            $user = Users::findFirstByLogin($login);
            if ($user) {
                if ($this->security->checkHash($password, $user->password)) {
                    // Login success
                } else {
                    // Pasword not equal
                }
            } else {
                // User not found
            }
        } else {
            // Username or password can't be empty
        }
    }    
}

https://docs.phalcon.io/en/latest/reference/security.html

Hi Kostya

I have test the exist user in DB,but unable to login system,and i have set services "security" in Public/index.php.

so i test the return value for function checkHash, is it boolean,right? but in result test, there is no any value get..

Hi Kostya,

i have set service "security" in Public/index.php as below code:

$di->setShared('security',function(){ $security = new Security(); $security->setWorkFactor(12); $security->setDefaultHash(Security::CRYPT_BLOWFISH_Y); return $security; });

edited Jun '16

Hi!

  1. i have error in my code:
...
$user = Users::findFirstByLogin($login);  // wrong
$user = Users::findFirstByLogin($name); // correct
...
  1. try use var_dump not echo and add die in end of action for to see output of var_dump
...
var_dump($this->security->checkHash($password, $user->password));
die;
...


6.6k
Accepted
answer

Hi Kostya, I have found the root cause,DB hash require minimum varchar(60),but my DB password field is varchar(50),so i have changed,it is OK now,thanks for your great support on this.