Cakephp_challenge_response_authentication is a project mainly written in PHP and JAVASCRIPT, it's free.
A plugin containing a replacement for cake's AuthComponent that provides javascript challenge-response password authentication.
A plugin containing a replacement for cake's AuthComponent that provides javascript challenge-response password authentication.
Replace cake's Auth component in your AppController::$components array:
var $components = array('ChallengeResponseAuthentication.ChallengeResponseAuthenticationAuth');
Add the helper (necessary for any view that generates a login form):
var $helpers = array('ChallengeResponseAuthentication.ChallengeResponseAuthenticationAuth');
Call generateLoginNonce() in the controller of your login page. If every page on your site might display a login box in the header, you can do this in AppController::beforeRender() like so:
function beforeRender() {
$this->ChallengeResponseAuthenticationAuth->generateLoginNonce();
}
This is what your login form should look like:
<?php echo $form->input('username'); ?>
<?php echo $form->input('password', array(
'data-nonce'=>$challengeResponseAuthenticationAuth->getLoginNonce(),
'data-salt'=>Configure::read('Security.salt'),
'class'=>'login-password'
)); ?>
Include the following two javascript files on any page that renders a login form:
<?php echo $html->script('/challenge_response_authentication/js/sha1'); ?>
<?php echo $html->script('/challenge_response_authentication/js/jquery.challenge-response-authentication'); ?>