0

我将YiiPassword扩展名提取到protected/components/YiiPassword

主.php:

    .
    .
    .
    'import'=>array(
            'application.models.*',
            'application.components.*',
            'application.components.YiiPassword.*',
            'application.helpers.*',

    ),
    .
    .
    .

User.php:(模型) 

.    
.
.
public function behaviors()
{
    return array(
        "APasswordBehavior" => array(
            "class" => "APasswordBehavior",
            "defaultStrategyName" => "bcrypt",
            "strategies" => array(
                "bcrypt" => array(
                    "class" => "ABcryptPasswordStrategy",
                    "workFactor" => 14
                ),
                "legacy" => array(
                    "class" => "ALegacyMd5PasswordStrategy",
                )
            ),
        )
    );
}
.
.
.

Ans 还在tbl_user中添加了三个字段:

salt - 保存用于散列密码的每个用户的盐

密码- 保存散列密码(已存在)

passwordStrategy - 保存该用户当前密码策略的名称

requiresNewPassword - 一个布尔字段,用于确定用户是否应更改密码

现在我只想使用bcrypt,如何编码用户密码并在用户登录时验证它?

4

2 回答 2

1

您只需检索用户并调用该verifyPassword方法!该方法的说明:

将给定密码与此模型的存储密码进行比较

因此,您可以执行以下操作:

$user = User::model()->findByPK(1);
if($user->verifyPassword("password")){
    //Password verified
}
于 2013-03-30T09:20:19.227 回答
0

解决了

以下测试成功完成,ABcryptPasswordStrategyTest.php :

<?php
Yii::import("application.components.passwordStrategy.*");
Yii::import("application.models.*");

/**
 * Tests for the {@link ABcryptPasswordStrategy} class.
 * @author Charles Pick
 * @package packages.passwordStrategy
 */
class ABcryptPasswordStrategyTest extends CTestCase
{
    public function testEncode()
    {
        $user=User::model()->findByAttributes(array('username'=>'user'));
        $strategy = new ABcryptPasswordStrategy();
        $strategy->getSalt(true);

        $user->password = 'pass';
        $user->save();

        $this->assertTrue($user->verifyPassword("pass"));
    }
}

更多信息

于 2013-03-31T08:08:43.487 回答