Kohana Auth Module not hashing the password

Question

I'm using Kohana 2.3.4 and can't get the auth module to work.

I'm just adding a user like this:

$user = ORM::factory('user');
$user->username = 'admin';
$this->auth = Auth::instance();   
$user->email    = '[email protected]';
$user->password = 'secret';

$user->add(ORM::factory('role', 'login'));
$user->save();

The problem is that when I look into the users table, the password is in the clear. It seems like the auth_user_model is not being called.

My user model is from the documentation. i.e.

// and, in models/user.php
class User_Model extends ORM {
    protected $has_and_belongs_to_many = array('roles');

    public function unique_key($id = NULL)
    {
        if ( ! empty($id) AND is_string($id) AND ! ctype_digit($id) )
        {
            return 'username';
        }

        return parent::unique_key($id);
    }

}

On closer inspection the file Auth_User_Model isn't being called. I corrupted it and got no complaints.

So I changed

class User_Model extends Auth_User_Model {

And now it's hashing the passwords. Is this the correct way to use it? I'm surprised I'm not seeing more comments about this? To

class User_Model extends ORM {

Answer 1

Yes, that's the proper way to use your user model with the ORM Auth driver. You could also overload __set() in your own model and do it like the auth_user_model.