Hi, I’m implementing a web app that has 2 user roles: standard user and admins
I don’t want to use a form to add the admin user, because there will be just 1 admin and will always exist on the Users table.
I just want to be able to reset or update the password but without the need of a form.
Perhaps just by calling a shell command
So I tried updating the password field of the admin user with a hardcoded value
I wrote this test method
public function test(){
$user = $this->Users->get(1);
$user = $this->Users->patchEntity($user, [
"password"=>"1234"
]);
$this->Users->save($user)
}
After updating the password by calling test the password 1234 doesn’t work any more.
If I add the user using a Form like shown in the Cookbook it works great.
The user entity implements this method
protected function _setPassword(string $password) {
$hasher = new DefaultPasswordHasher();
return $hasher->hash($password);
}
}
I tried to compare the hash generated with both methods but I realized that it relies on PHP password_hash command and for some reason is time dependent so hashing 1234 gives different results every time
What could be wrong?
Why using the same password in a textfield is not the same as hardcoding the password value on the controller code?