Things tagged with Auth


Using bcrypt for passwords in CakePHP

CakePHP uses salted sha1 hashes for passwords by default, and has for a while. There has been some talk on the mailing list lately of switching the default hashing to something more secure, such as bcrypt. I think this is a great idea, and will find its way into CakePHP in a future release. Providing a reasonanle upgrade experience is the biggest problem to solve, if the default hashing strategy was to change.

Testing CakePHP Controllers the hard way

By now you already know or should know about CakeTestCase::testAction() and the wondrous things it can do. However, testAction has a few shortcomings. It can’t handle redirects, it doesn’t let you use the power of Mocks, and its impossible to make assertions on object state changes. Sometimes you need to do things the hard way, stick your fingers in the mud and work it out.

Acl Menu Component

By now you’ve got an awesome Acl and Auth controlled app running. However, making navigation menus is a pain with dynamic, and variable permissions. Outside of making menu elements for each type of Aro and including them in your layout, there currently aren’t many options (at least none that I’m aware of). I was faced with this exact problem a while back, and couldn’t find a suitable solution, so I made one.

Auth and ACL an end to end tutorial pt. 1

Now, there are many tutorials out there for Auth and ACL in CakePHP. However, none of them (as far as I know of) cover putting together Auth and ACL from beginning to end. That is what I’m going to do in this article. I am splitting the article into two parts; the first about setting up our app and getting the Aros running, the second on building Acos and putting it all together.