Let's say I have a user registration and I'm using the Auth component (/user/register is allowed of course).
The problem is if I need to set a minLength validation rule in the model, it doesn't work since the Auth component hashes the password therefore it's always more than my minlength password and it passes even if it's blank.
How do I fix this issue? Thanks in advance!
Essentially, you have to rename the password field (for example, to "pw") to prevent the Auth component from hashing it automatically. Then, if the password passes the validation rules, hash it and save the hash under the password key. This is usually done in the beforeFilter() callback as this article describes.
It is also possible to validate the data and hash the password in the controller. This practice is generally discouraged, but it might be a little easier to wrap your head around if you're just starting out with CakePHP.
// this code would go after: if (!empty($this->data)
// and before: $this->User->save($this->data)
// validate the data
$this->User->set($this->data);
if ($this->User->validates()) {
// hash the password
$password_hash = $this->Auth->password($this->data['User']['pw'];
$this->data['User']['password'] = $password_hash;
}