CakePHP 3.0 - Compare database password with old password when changing password

Question

CakePHP 3.0 - Compare database password with old password when changing password

I'm working on CakePHP 3.0 and I would like to compare the database password with the old password entered on the form in the Change Password function. But I cannot do this as the password is hashed and the hashed password is different every time, even if we use the same password.

Please help me with this.

Thanks in advance, Melee

+3

passwords hash cakephp-3.0

eme June 11. 15 at 12:16

source to share

1 answer

Tom · Answer 1 · 2015-06-12T08:07:47+0000

I would do this in your UserTable validator.

Src / Model / Table / UsersTable.php

$validator
            ->notEmpty('current_password')
                ->add('current_password', 'custom', [
                    'rule' => 

                    function($value, $context) {
                        $query = $this->find()
                                ->where([
                                    'id' => $context['data']['id']
                                ])
                                ->first();

                        $data = $query->toArray();

                        return (new DefaultPasswordHasher)->check($value, $data['password']);
                    },
                    'message' => 'Current password is incorrect!'
                ]);

Custom validation rules

CakePHP 3.0 - Compare database password with old password when changing password

More articles: