Using CakePHP's password hashing in android .apk

makers · July 3, 2017, 4:55pm

Hello fellow bakers,

We’re currently developing an Android app that relies on a database in which are stored username and passwords hashed by a CakePHP website.

Ultimately, our app user is going to use the username and password to log onto the app and be able to access its features.

So far, any tries have been met with utter defeat. We can’t get the app’s password input to match the CakePHP encrypted values on the database.

Is there any ways, and I believe there is, to duplicate the CakePHP password verification so the hash, salt, whatever, matches the app input and allows our users to log on.

Have a nice day.

cosmin · November 21, 2017, 12:46pm

Hi,

Internally Cake uses the php password_hash function so you can go over the documentation and figure out what you need to replicate. However it s kind of a moving target since algos are prone to be upgraded over time.

What I would do is expose an API form the webapp for password checking or at least a raw php command line script that would return the correct hash for a given string password.

Cosmin

Topic		Replies	Views
Cake 2.1 Password Reset Need Help	4	910	December 4, 2021
API without Cake, problem with passwords Need Help	1	681	November 19, 2016
[SOLVED] Auth->identify fails after changing password? Need Help	0	1144	October 18, 2018
How to implement password reset in CakePHP	1	2975	May 20, 2019
Compare Old Password from auth to entered password Need Help	5	1010	April 3, 2019

Using CakePHP's password hashing in android .apk

Releases

Documentation

Community

Using CakePHP's password hashing in android .apk

Related Topics

Releases

Documentation

Community