I have to use the logged-in user's data in the view, so I am creating a variable AUTH_USER in AppController in the beforeRender function.
82  public function beforeRender(Event $event)
83  {
84      if ($this->Auth->user('id')) {
85          $this->set('AUTH_USER', $this->Auth->user());
86      }
87      ...
88      ...
89  }
Whenever there is an error, instead of displaying the actual error it shows the following error without style formatting:
Fatal error: Uncaught Error: Call to a member function user() on boolean in /path_to_app/src/Controller/AppController.php:84
Stack trace: #0 /path_to_app/src/Controller/ErrorController.php(54): App\Controller\AppController->beforeRender(Object(Cake\Event\Event))
#1 /path_to_app/vendor/cakephp/cakephp/src/Event/EventManager.php(422): App\Controller\ErrorController->beforeRender(Object(Cake\Event\Event))
#2 /path_to_app/vendor/cakephp/cakephp/src/Event/EventManager.php(391): Cake\Event\EventManager->_callListener(Array, Object(Cake\Event\Event))
#3 /path_to_app/vendor/cakephp/cakephp/src/Event/EventDispatcherTrait.php(78): Cake\Event\EventManager->dispatch(Object(Cake\Event\Event))
#4 /path_to_app/vendor/cakephp/cakephp/src/Controller/ in /path_to_app/src/Controller/AppController.php on line 84
Removing lines 84 - 86 displays the actual error.
Edit 2
code for Auth component load in AppController initialize()
I have written the following code to load the AUTH component.
$this->loadComponent('Auth', [
    'authenticate' => [
        'Form' => [
            'userModel' => 'Admins',
            'fields' => [
                'username' => 'email',
                'password' => 'password'
            ]
        ]
    ],
    'loginAction' => [
        'controller' => 'Admins',
        'action' => 'index'
    ],
    'loginRedirect' => [
        'controller' => 'Admins',
        'action' => 'contentList'
    ],
    'authError' => 'Did you really think you are allowed to see that?',
    'logoutAction' => [
        'controller' => 'Pages',
        'action' => 'home'
    ]
]);
I had the same error and if you add this line to beforeRender() it should work:
$this->loadComponent('Auth');
It could be that you are not properly initializing the component in the initialize() function.
You haven't given a proper ID to the if statement to check. You have to send the logged in user's ID through the function's parameters and then check for that ID in the if statement.
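A guarded version of the beforeRender() from the question above, added here as an example and not taken from any of the posts. The trace shows beforeRender() being reached through ErrorController with $this->Auth unset, so the check asks the component registry first; passing only id and email to the view is an assumption about what the templates need.

```php
<?php
namespace App\Controller;

use Cake\Controller\Controller;
use Cake\Event\Event;

class AppController extends Controller
{
    // Fields the templates are assumed to need; everything else in the
    // session's user record stays out of the view.
    const VIEW_USER_FIELDS = ['id', 'email'];

    public function beforeRender(Event $event)
    {
        // ErrorController extends AppController, so this callback also runs
        // while an error page is rendered. If Auth was not loaded for that
        // controller, skip the lookup instead of failing a second time and
        // hiding the original error behind a raw fatal with file paths.
        if (!$this->components()->has('Auth')) {
            return;
        }

        $user = $this->Auth->user();
        if (is_array($user) && !empty($user['id'])) {
            $this->set(
                'AUTH_USER',
                array_intersect_key($user, array_flip(self::VIEW_USER_FIELDS))
            );
        }
    }
}
```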
user table
role table
I just want to allow access control according to the role table, set like: ctrl_view = 1 means this role can view any controller view.
How can I set different actions for different roles?
Follow conventions: user_role_id should be named "role_id", role_id only "id" and user_name should be "username", or inside your Auth configuration change the default field names used for your connection form.
public function initialize()
{
    //...
    $this->loadComponent('Auth', [
        'loginRedirect' => [
            'controller' => 'Pages',
            'action' => 'welcome',
            'prefix' => 'admin'
        ],
        'logoutRedirect' => [
            'controller' => 'Users',
            'action' => 'login',
            'prefix' => false
        ],
        'authError' => 'Unauthorized access...',
        'authenticate' => [
            'Form' => [
                'fields' => ['username' => 'user_name', 'password' => 'password']
            ]
        ],
        'authorize' => 'Controller',
        'unauthorizedRedirect' => [
            'controller' => 'Pages',
            'action' => 'unauthorized'
        ],
    ]);
    // ...
}
and inside your AppController do something like this:
public function isAuthorized($user)
{
    if (!is_null($this->Auth->user())): // if user is logged in
        $action = $this->request->getParam('action'); // get the action name
        $this->loadModel('Roles'); // load your Roles model
        $query = $this->Roles->find() // search in Roles
            ->where([
                'Roles.role_id IN' => $user['user_role_id'], // where role_id matches the current user's user_role_id
                'Roles.ctl_'.$action => 1 // and where ctl_[action] is set to 1
            ])->toArray();
        if (!empty($query)): // if we find a match, we allow the action
            return true;
        else: // else we don't authorize
            return false;
        endif;
        /* the previous lines can be replaced with this ----> return (!empty($query)); */
    else: // if user is not connected we don't allow the action
        return false;
    endif;
}
and to finish, I think it's better to use "prefix"; with a prefix you can simplify your authorisation process (with no prefix I allow, with a prefix I check my role table). For this you simply have to add these lines at the beginning of your isAuthorized function:
if (!$this->request->getParam('prefix')) {
    return true;
}
Hope it helps
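A deny-by-default form of the role check discussed above, added here as an example in plain PHP and not code from either post. It maps each action to a fixed permission column instead of building the column name from the request's action parameter; only ctrl_view comes from the question, and the other column names and the sample role rows are assumptions.

```php
<?php
// Fixed action-to-column map. Anything not listed here is refused, so an
// unexpected action name never reaches the query or the row lookup.
const ACTION_PERMISSION = [
    'index'  => 'ctrl_view',
    'view'   => 'ctrl_view',
    'add'    => 'ctrl_add',     // hypothetical column
    'edit'   => 'ctrl_edit',    // hypothetical column
    'delete' => 'ctrl_delete',  // hypothetical column
];

/**
 * $role is the role row of the logged-in user as an array, or null when the
 * user has no role (or is not logged in).
 */
function roleAllows(?array $role, string $action): bool
{
    if ($role === null) {
        return false;                       // no role row: deny
    }
    $column = ACTION_PERMISSION[$action] ?? null;
    if ($column === null) {
        return false;                       // unmapped action: deny
    }
    // A missing or NULL column counts as "not granted".
    return isset($role[$column]) && (int)$role[$column] === 1;
}

// Constructed sample rows standing in for the role table.
$viewer = ['id' => 2, 'ctrl_view' => 1, 'ctrl_add' => 0];
$editor = ['id' => 3, 'ctrl_view' => 1, 'ctrl_add' => 1, 'ctrl_edit' => 1];

var_dump(roleAllows($viewer, 'view'));          // allowed by ctrl_view
var_dump(roleAllows($viewer, 'add'));           // column present but 0
var_dump(roleAllows($editor, 'delete'));        // column absent from the row
var_dump(roleAllows($editor, 'view OR 1=1'));   // not in the map
var_dump(roleAllows(null, 'view'));             // no role at all
```

Inside isAuthorized($user) the same function can be called with the current user's role row and `$this->request->getParam('action')`.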
I am using CakePHP 3 and its Auth component. Everything is working fine, but I want to match my password on login using md5 instead of the default password hashing logic CakePHP 3 uses. What should I do to implement this feature? Below is my AppController.php file with what I have done so far.
AppController.php
public function initialize()
{
    parent::initialize();
    $this->loadComponent('RequestHandler');
    $this->loadComponent('Flash');
    $this->loadComponent('Auth', [
        'loginRedirect' => [
            'controller' => 'Users',
            'action' => 'dashboard'
        ],
        'logoutRedirect' => [
            'controller' => 'Users',
            'action' => 'login'
        ],
        'loginAction' => [
            'controller' => 'Users',
            'action' => 'login'
        ],
        'authenticate' => [
            'Form' => [
                'userModel' => 'Users',
                'fields' => [
                    'username' => 'user_email',
                    'password' => 'user_password'
                ]
            ]
        ],
        'storage' => 'Session',
        'unauthorizedRedirect' => false,
    ]);
}
As I mentioned above, everything is working fine. I am able to log in successfully with the default hashing method which CakePHP 3 provides, but I just want to exclude this hashing method and need to check using md5. How can I do this?
Can someone guide me or help me please?
Thanks
OK guys, eventually I found the solution, and below is what I have come up with. If anybody is stuck or wants a similar feature, they can follow this to accomplish it.
Go here http://book.cakephp.org/3.0/en/controllers/components/authentication.html#creating-custom-password-hasher-classes where they describe a new file which you need to create.
Then in your Auth component make sure you add the lines below:
'Form' => [
    'passwordHasher' => [
        'className' => 'Legacy',
    ]
]
This is working for me, I hope it helps someone. Thank you guys.
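For a user table that still holds unsalted MD5 values, as in the question above, the stored hash can be upgraded at the moment a login succeeds. The following is an added example in plain PHP, not CakePHP code and not from either post; the e-mail addresses and the password are constructed sample data.

```php
<?php
/**
 * Check a login against either a modern password_hash() value or a legacy
 * md5() value. Returns [authenticated, replacementHash]; replacementHash is
 * non-null when the stored value should be overwritten.
 */
function verifyAndUpgrade(string $password, string $storedHash): array
{
    // password_get_info() reports "unknown" for anything that is not a
    // password_hash() format, which is how the legacy rows are recognised.
    if (password_get_info($storedHash)['algoName'] !== 'unknown') {
        if (!password_verify($password, $storedHash)) {
            return [false, null];
        }
        $new = password_needs_rehash($storedHash, PASSWORD_DEFAULT)
            ? password_hash($password, PASSWORD_DEFAULT)
            : null;
        return [true, $new];
    }

    // Legacy path: compare md5(password) in constant time.
    if (!hash_equals(strtolower($storedHash), md5($password))) {
        return [false, null];
    }
    // The plaintext is only available now, so re-hash it immediately.
    return [true, password_hash($password, PASSWORD_DEFAULT)];
}

// Constructed sample rows: one legacy MD5 user, one already migrated.
$users = [
    'old@example.test' => md5('correct horse'),
    'new@example.test' => password_hash('correct horse', PASSWORD_DEFAULT),
];

foreach ($users as $email => $hash) {
    [$ok, $replacement] = verifyAndUpgrade('correct horse', $hash);
    if ($ok && $replacement !== null) {
        $users[$email] = $replacement;   // persist the upgraded hash
    }
    printf("%s ok=%s upgraded=%s\n", $email,
        var_export($ok, true), var_export($replacement !== null, true));
}
```

In CakePHP 3 the same flow is available through the Fallback password hasher together with needsRehash() on the authentication provider, both described on the documentation page linked above.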
Following the CakePHP which looks a bit confusing and not so straightforward, I have created a basic authentication logic; however, I cannot seem to load the Auth component.
Here is the code part from the AppController.php:
public function initialize()
{
    parent::initialize();
    $this->loadComponent('RequestHandler');
    $this->loadComponent('Flash');
    $this->loadComponent('Auth', [
        'authenticate' => ['Form' => ['fields' => ['username' => 'email', 'password' => 'password']]],
        'loginAction' => ['controller' => 'Users', 'action' => 'login'],
        'loginRedirect' => ['controller' => 'Groups', 'action' => 'index'],
        'logoutRedirect' => ['controller' => 'Users', 'action' => 'login']
    ]);
}
//Allow basic views
public function beforeFilter(Event $event)
{
    $this->Auth->allow(['index', 'view', 'display']);
}
Now no matter which controller or action I run, I always receive the following error:
Error: Call to a member function allow() on a non-object
that is referencing the following line:
$this->Auth->allow(['index', 'view', 'display']);
It has to be a straightforward thing, but I just cannot find it in the documentation, therefore any help or guidance is much appreciated.
Check that your child controller's method initialize() is calling the parent method.
class MyController extends AppController
{
    public function initialize() {
        parent::initialize();
        //rest of code
    }
}
I got this one when I had no Template/Users/login.ctp template created yet.
I managed to find out only after inspecting the stack trace obtained by
$e = new \Exception('How did I got here anyway?');
debug($e->getTraceAsString());
yielding
#5 vendor/cakephp/cakephp/src/Error/ExceptionRenderer.php(318): Cake\Controller\Controller->render('missingTemplate')
Hello, I'm using CakePHP 3 to simply set up a site where some pages need the user to log in first.
It was fine when I put the loadComponent('Auth', blablabla) code in initialize() of AppController.php.
src\Controller\AdminController.php
...
public function login() {
    if ($this->request->is('post')) {
        $admin = $this->Auth->identify();
        if ($admin) {
            $this->Auth->setUser($admin);
            return $this->redirect($this->Auth->redirectUrl());
        }
        $this->Flash->error('Your username or password is incorrect.');
    }
}
...
src\Controller\AppController.php
...
public function initialize() {
    parent::initialize();
    $this->loadComponent('RequestHandler');
    $this->loadComponent('Flash');
    $this->loadComponent('Auth', [
        'Authenticate' => [
            'Form' => [
                'userModel' => 'Admin',
                'Fields' => [
                    'username' => 'email',
                    'password' => 'password'
                ]
            ]
        ],
        'loginAction' => [
            'controller' => 'Admin',
            'action' => 'login',
        ]
    ]);
    $this->Auth->allow(['display']);
}
...
At this point, I needed to login in order to view all other pages of the site.
But I tried to put this same authentication setup in another controller called JustController, and after I logged in, a fatal error stating
Call to a member function identify() on boolean
has been shown.
It should be possible to set up authentication in other controllers so that the site can have more than one login system instead of covering the whole site by setting it up in AppController, shouldn't it?
Thank you.
Sorry, I'm new to CakePHP 3.0. In my user table, there are two user types, admin and public. How do I display/hide links according to user type in default.ctp? Can anyone guide me? Thanks!!
This is my app controller
namespace App\Controller;

use Cake\Controller\Controller;
use Cake\Event\Event;

class AppController extends Controller
{
    //...
    public function initialize()
    {
        $this->loadComponent('Flash');
        $this->loadComponent('Auth', [
            'authenticate' => [
                'Form' => [
                    'fields' => [
                        'username' => 'email',
                        'password' => 'password'
                    ]
                ]
            ],
            'loginRedirect' => [
                'controller' => 'Users',
                'action' => 'index'
            ],
            'logoutRedirect' => [
                'controller' => 'Pages',
                'action' => 'display',
                'home'
            ]
        ]);
    }

    public function beforeFilter(Event $event)
    {
        $this->Auth->allow(['controller' => 'Users', 'action' => 'add', 'index',
        ]);
    }
}
The AppController you've posted has nothing to do with what I understand of your request so that's got me a little confused. Either way, you can access the session of the current logged in user through session variables.
For example - if your users table had the column 'type' in which the values 'public' or 'admin' were stored, it would look something like this:
<?php if ($this->request->session()->read('Auth.User.type') == 'admin') { ?>
    Link to admin functions
<?php } else { ?>
    Boring public link
<?php } ?>
That's assuming you're working with logged in users. If you haven't got that far yet, read the CakePHP 3 tutorial on authentication and authorization.