Closed demorfi closed 9 years ago
openam
commented
9 years ago Sorry this has been so long. I'm really loving this idea. I've just been swamped.
It doesn't seem to be letting me use the authentication part. I'm trying admin:password for the username:password. I assume that's what's committed to the database.db. Is that correct?
The language settings don't seem to be working for me either.
openam
commented
9 years ago It looks like you used the AuthComponent to generate the password hash. That mean we should probably commit the associated Security.salt and the Security.cipherSeed.
demorfi
commented
9 years ago Username, password, and other settings are stored in the database.db. For the best security is to change the password salt. Settings on the left core.php.default default. Available only two languages - English and Russian. Session keeps the selected language.
openam
commented
9 years ago If that's the case then there really is no default username or password. The only way to change them if you change the Security.salt is by changing $this->Auth->allow('logout'); to $this->Auth->allow(); in the UsersController.php file. I think that I'm going to commit the changed core.php and set default username an passwords.
As for the languages it looks like if I clear my cookies after changing the language I get Russian on the login page, then it changes to english after I login, even though ru is still selected in the settings.
demorfi
commented
9 years ago By default database.db -> table users, 3 user (admin:admin, user:user, children:children). You are using the master branch?
openam
commented
9 years ago I thought set the default passwords to password after seeing commit 284842a5dc1bd22e421b26c3ede5c26e21c33efd. I ended up committing the core.php file and committing the passwords with commit 69021dd51d59096abcfa3ab2be4d4c022e4887d0. I updated documentation in commit 978db1864bdaeafa1b43e03df282f554cf4cd695.
Yes, I'm using the master branch.
demorfi
commented
9 years ago Thank you. I've updated my branch.
danpolanco
commented
8 years ago I believe I'm seeing a related issue. If I change the salt, I can't login using the default users. And if I can't change the salt, then having a salt becomes pointless, yeah?
The other oddity is that it always pops up and asks for basic auth like so:
I have it running behind a reverse proxy, so perhaps that is why?
Nice work otherwise.
openam
commented
8 years ago @DanTheColoradan see https://github.com/openam/calibrephp/pull/12#issuecomment-102643702 that will allow you to change the salt and go to the routes to change the passwords without being authenticated.
danpolanco
commented
8 years ago [...] The only way to change them if you change the Security.salt is by changing $this->Auth->allow('logout'); to $this->Auth->allow(); in the UsersController.php file. [...]
So I should change it to $this->Auth->allow();. Do I need to change it back after setting the passwords?
openam
commented
8 years ago Yes, you'd want to change it back afterwards, otherwise it's allowed by anyone with or without being logged in.
$this->Auth->allow(); allows anyone logged in or not to access all the routes. See, http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#making-actions-public
danpolanco
commented
8 years ago Awesome. Thanks.
Added reading epub and pdf in browser