CakePHP身份验证(登录/注销）不起作用

我试图按照文档实现基本的登录/注销功能：http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html

但是Auth->login（）函数总是返回false，而不是提供正确的用户名密码&我收到"用户名或密码无效，请重试"的错误消息。这是我的代码：

用户.php

App::uses('AppModel', 'Model');
App::uses('BlowfishPasswordHasher', 'Controller/Component/Auth');
class User extends AppModel    {
    public $validate = array(
        'username' => array(
            'required' => array(
                'rule' => array('notEmpty'),
                'message' => 'A username is required'
            )                
        ),
        'password' => array(
            'required' => array(
                'rule' => array('notEmpty'),
                'message' => 'A password is required'
            )                
        ),            
        'confirmpassword' => array(
            'compare' => array(
                'rule' => array('match_password'),
                'message'   => 'The confirm password you entered do not match with password.',
            )
        ),
        'first_name' => array(
            'rule' => 'notEmpty'
        ),
        'last_name' => array(
            'rule' => 'notEmpty'
        ),
        'email' => array(
            'rule' => 'notEmpty'
        ),
        'role' => array(
            'valid' => array(
                'rule' => array('inList', array('admin', 'user')),
                'message' => 'Please enter a valid role',
                'allowEmpty' => false
            )
        )
    );
   public function match_password(){
        return $this->data[$this->alias]['password'] === $this->data[$this->alias]['confirmpassword'];
    }
    public function beforeSave($options = array()) {
        if (isset($this->data[$this->alias]['password'])) {
            $passwordHasher = new BlowfishPasswordHasher();
            $this->data[$this->alias]['password'] = $passwordHasher->hash(
                $this->data[$this->alias]['password']
            );
        }
        return true;
    }
}

UsersController.php

App::uses('AppController', 'Controller');
class UsersController extends AppController {
    public $components = array('Session', 'Auth');
    public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('signup', 'logout');
        //$this->Auth->allow('signup');     
    }
    public function index() {
        $this->set('users', $this->User->find('all'));
    }
    public function view($id = null) {
        $this->User->id = $id;
        if (!$this->User->exists()) {
            throw new NotFoundException(__('Invalid user'));
        }
        $this->set('user', $this->User->read(null, $id));
    }
    public function signup() {
        if($this->request->is('post')){
            $this->User->create();
            if($this->User->save($this->request->data)){
                $this->Session->setFlash(__('User added', 'default', array('class' => 'notice success')));
                return $this->redirect(array('action' => 'index'));
            }
        }
    }
    public function edit($id = null) {
        $this->User->id = $id;
        if (!$this->User->exists()) {
        throw new NotFoundException(__('Invalid user'));
        }
        if ($this->request->is('post') || $this->request->is('put')) {
        if ($this->User->save($this->request->data)) {
            $this->Session->setFlash(__('The user has been saved'));
            return $this->redirect(array('action' => 'index'));
        }
        $this->Session->setFlash(
            __('The user could not be saved. Please, try again.')
        );
        } else {
        $this->request->data = $this->User->read(null, $id);
        unset($this->request->data['User']['password']);
        }
    }
    public function delete($id = null) {
        $this->request->onlyAllow('post');
        $this->User->id = $id;
        if (!$this->User->exists()) {
        throw new NotFoundException(__('Invalid user'));
        }
        if ($this->User->delete()) {
        $this->Session->setFlash(__('User deleted'));
        return $this->redirect(array('action' => 'index'));
        }
        $this->Session->setFlash(__('User was not deleted'));
        return $this->redirect(array('action' => 'index'));
    }
    public function login() {
        if ($this->request->is('post')) {
            //debug($this->Auth->login()); die();
            if ($this->Auth->login()) { 
                return $this->redirect($this->Auth->redirect());
            }   
            $this->Session->setFlash(__('Invalid username or password, try again'));
        }
    }
    public function logout() {
        return $this->redirect($this->Auth->logout());
    }

}

AppController.php

App::uses('Controller', 'Controller');
class AppController extends Controller {
    public $components = array(
        'Session',
        'Auth' => array(
            'loginRedirect' => array(
                'controller' => 'posts',
                'action' => 'index'
            ),
            'logoutRedirect' => array(
                'controller' => 'posts',
                'action' => 'indexs',                
            ),
            'authenticate' => array(
                'Form' => array(
                    'passwordHasher' => 'Blowfish'
                )
            )
        )
    );
    public function beforeFilter() {
        $this->Auth->allow('index', 'view');
    }
}

登录.ctp：

<div>
    <?php
    echo $this->Session->flash('auth');
    echo $this->Session->flash();
    ?>
    <br />
    <h1>User Registration : - </h1>
    <legend>
        <?php echo __('Please enter your username and password'); ?>
    </legend>
    <div id="registerform">
        <?php
            echo $this->Form->create('User');
            echo $this->Form->input('username');   
            echo $this->Form->input('password');
            echo $this->Form->end('Login'); 
        ?>
    </div>
</div>

有人能帮我确定问题吗？我真的被这个问题困扰了一整天；找不到解决方案。

非常感谢您的帮助。

谢谢，Susmita