Compare Old Password from auth to entered password

#1

I am using cakephp 3.5 and i have a password change form in which i am entering old password and want to compare old entered password with one in database.
i am comparing like
$hasher = new DefaultPasswordHasher;
if($hasher->check($password , $hashedPasswordDb )){
echo “Password Compared”;
}else{
echo “Password Not Compared”;
}

but it always goes to false;

0 Likes

#3

Are your sure your password is properly hashed in the database?

0 Likes

#4

And is $hashedPasswordDb definitely a string, and not, for example, a query result object?

0 Likes

#5

Yes i am preety sure it is hashed by Default password hasher in auth
and for auth i am follwing this https://trinitytuts.com/cakephp3-acl-implementation/

0 Likes

#6

Please dump the entity of the user (you do not need to send it to us) and check it in there.
Then, as Zuluru said, make sure $hashedPasswordDb is a string, not a query result object.

0 Likes

#7

Hi @sanjeevrouhan,

I use similar code in my programs and it works just perfectly. What I would suggest is this:
Ensure that both variables $password and $hashedPasswordDB actually contain the values they were meant to contain.

Do a debug of both variables just before the hash-check

0 Likes