We have moved our forum to GitHub Discussions. For questions about Phalcon v3/v4/v5 you can visit here and for Phalcon v6 here.
  1. Home
  2. Security

checkHash return false

I've got following code to log into site

    if ($this->request->isPost()) {

        $username = $this->request->getPost('username');
        $password = $this->request->getPost('password');

        $user = Users::findFirst(array(
            "(username = :username:)",
            'bind' => array('username' => $username)
        ));

        if(!$user){
            $this->flash->error('User with username ' . $username . ' not exist.');
            return $this->forward('session/index');
        }

        if(!$this->security->checkHash($password, $user->password)){
            $this->flash->error('Wrong password');
            return $this->forward('session/index');
        }

        $this->_registerSession($user);
        $this->flash->success('Welcome ' . $user->fullname);
        return $this->forward('dashboard/index');
      }

I can connect to db because when I try $user->password I;m getting correct hashed password from db and also $password return correct password that user have put into input.

Why it return false on checkHash?



77.7k

Have you hashed and stored the password with security->hash($rawPassword) and the same setup for the security service?

https://docs.phalcon.io/en/latest/reference/security.html



6.5k
in reply to Lajos Bencz

Yes, I've done that.

Have you hashed and stored the password with security->hash($rawPassword) and the same setup for the security service?

https://docs.phalcon.io/en/latest/reference/security.html



6.5k
Accepted
answer

I've fixed issue. Prlem was wth db where varchar vas seto to 55 long not 60