Zend\Authentication & DbTable Adapter with Bcrypt

classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|

Zend\Authentication & DbTable Adapter with Bcrypt

Ore4444
This post has NOT been accepted by the mailing list yet.
This post was updated on .
Hello.

I'm trying to make use of Zend\Authentication and the provided DbTable adapter.

This is what I have.

// in AuthController

use Zend\Authentication\AuthenticationService;
use Zend\Authentication\Adapter\DbTable as AuthAdapter;

    protected $mapper = null;
    
    public function loginAction()
    {
        $form = new LoginForm();
        $request = $this->getRequest();
        if ($request->isPost()) {
            $email = $request->getPost()->get('email');
            $password = $request->getPost()->get('password');
            $identity = $this->auth($email, $password);
            if (isset($identity) && $identity->isValid() == TRUE) {
                $user = $this->getUserMapper()->find($identity->getIdentity());
                $user->setLastLogin();
                $this->getUserMapper()->save($user);
                return $this->redirect()->toRoute('solon');
            } else {
                foreach ($identity->getMessages() as $message) {
                    echo "$message\n";
                }
            }
        }
        return array(
            'form' => $form,
        );
    }
    
    public function getUserMapper()
    {
        if(!isset($this->mapper)) {
            $sm = $this->getServiceLocator();
            $this->mapper = $sm->get('mapper/user');
        }
        return $this->mapper;

    }
    
    public function getAuthService()
    {
        return new AuthenticationService();
    }
    
    protected function auth($email, $password)
    {
        $dbadapter = $this->getServiceLocator()->get('dbAdapter');
        $adapter = new AuthAdapter($dbadapter, 'users', 'email', 'password');
        $adapter->setIdentity($email)
                ->setCredential($password);
        return $this->getAuthService()->authenticate($adapter);
    }
}

And yet, $identity->isValid() returns false every time with the error message "Supplied credential is invalid".
I'm guessing the problem is that I never told the Adapter how I hash my passwords (Bcrypt).
How do I integrate with authenticate()'s inner password checking mechanism to have successful validation?