Hello,
i’m a newbie so maybe this is a very simple question. But it takes me hours today and i still don’t get this thing working. Everytime i try to login (tried with different usernames/passwords) i get this error: Invalid username or password. Here is my code:
// UserIdentity
public function authenticate()
{
$users = Users::model()->findByAttributes(array('username' => $this->username));
if ($users === null)
{
$this->username = 'user Null';
$this->errorCode = self::ERROR_USERNAME_INVALID;
}
else if($users->password!==$users->validatePassword($this->password))
{
Yii::log('encrypted db password: '.$users->password,'trace');
Yii::log('input password: '.$this->password.' / encrypted: '.$users->encrypting($this->password),'trace');
$this->errorCode=self::ERROR_PASSWORD_INVALID;
}
else
{
$this->errorCode = self::ERROR_NONE;
$this->_id = $user->id;
}
return $this->errorCode == self::ERROR_NONE;
}
public function getId()
{
return $this->_id;
}
}
//Users Model
public static function encrypting($value) {
$site_key = Yii::app()->getParams()->hash_site_key;
//hashing plain password with added salt
return hash_hmac('sha256', $value, $site_key);
}
public function validatePassword($password)
{
return $this->encrypting($password)===$this->password;
}
/**
* perform one-way encryption on the password before we store it in
the database
*/
protected function afterValidate()
{
parent::afterValidate();
$this->password = $this->encrypting($this->password);
}
The logging shows me that both encrypted passwords are the same. The username is also correct.
Any ideas whats going wrong here?