Closed demorfi closed 9 years ago
Sorry this has been so long. I'm really loving this idea. I've just been swamped.
It doesn't seem to be letting me use the authentication part. I'm trying admin:password
for the username:password
. I assume that's what's committed to the database.db. Is that correct?
The language settings don't seem to be working for me either.
It looks like you used the AuthComponent to generate the password hash. That mean we should probably commit the associated Security.salt
and the Security.cipherSeed
.
Username, password, and other settings are stored in the database.db. For the best security is to change the password salt. Settings on the left core.php.default default. Available only two languages - English and Russian. Session keeps the selected language.
If that's the case then there really is no default username or password. The only way to change them if you change the Security.salt
is by changing $this->Auth->allow('logout');
to $this->Auth->allow();
in the UsersController.php
file. I think that I'm going to commit the changed core.php
and set default username an passwords.
As for the languages it looks like if I clear my cookies after changing the language I get Russian on the login page, then it changes to english after I login, even though ru
is still selected in the settings.
By default database.db -> table users, 3 user (admin:admin, user:user, children:children). You are using the master branch?
I thought set the default passwords to password
after seeing commit 284842a5dc1bd22e421b26c3ede5c26e21c33efd. I ended up committing the core.php file and committing the passwords with commit 69021dd51d59096abcfa3ab2be4d4c022e4887d0. I updated documentation in commit 978db1864bdaeafa1b43e03df282f554cf4cd695.
Yes, I'm using the master branch.
Thank you. I've updated my branch.
I believe I'm seeing a related issue. If I change the salt, I can't login using the default users. And if I can't change the salt, then having a salt becomes pointless, yeah?
The other oddity is that it always pops up and asks for basic auth like so:
I have it running behind a reverse proxy, so perhaps that is why?
Nice work otherwise.
@DanTheColoradan see https://github.com/openam/calibrephp/pull/12#issuecomment-102643702 that will allow you to change the salt and go to the routes to change the passwords without being authenticated.
[...] The only way to change them if you change the Security.salt is by changing $this->Auth->allow('logout'); to $this->Auth->allow(); in the UsersController.php file. [...]
So I should change it to $this->Auth->allow();
. Do I need to change it back after setting the passwords?
Yes, you'd want to change it back afterwards, otherwise it's allowed by anyone with or without being logged in.
$this->Auth->allow();
allows anyone logged in or not to access all the routes. See, http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#making-actions-public
Awesome. Thanks.
Added reading epub and pdf in browser