Weird exception with authentication in cakephp - cakephp

I want to redirect to http://localhost/amrajegeachi14/admins/deshboard after successful login and to http://localhost/amrajegeachi14/admins/login if login failed. My code inside adminsController:
class AdminsController extends AppController {
    var $layout = 'admin';
    public function beforeFilter() {
        parent::beforeFilter();
        // $this->Auth->allow('login');
    }
    function isAuthorized($user) {
        if (isset($user['Admin'])) {
            if ($user['Admin']['status'] == 'active') {
                return TRUE;
            }
        }
        return FALSE;
    }
    function login() {
        $this->loadModel('Admin');
        $this->layout = "admin-login";
        // if already logged in check this step
        if ($this->Session->check('Auth.User')) {
            return $this->redirect(
                array('controller' => 'admins', 'action' => 'deshboard'));
        }
        // after submit login form check this step
        if ($this->request->is('post')) {
            $password = Security::hash($this->request->data['Admin']['password'], NULL, true);
            $admin = $this->Admin->find('first', array(
                'conditions' => array('email' => $this->request->data['Admin']['email'], 'password' => $password)
            ));
            if ($this->isAuthorized($admin)) {
                $this->Auth->login($this->request->data['Admin']);
                return $this->redirect('/admins/deshboard');
            } else {
                $this->Session->setFlash('Invalid username/password combination OR you are blocked, try again');
                return $this->redirect('/admins/login');
            }
        }
    }
    public function logout() {
        // $user = $this->Auth->user();
        // $this->Session->destroy();
        $this->Session->setFlash('you have successfully logged out');
        $this->Auth->logout();
        return $this->redirect(array('controller' => 'admins', 'action' => 'login'));
    }
    function deshboard() {
    }
}
Code Inside AppController.php
class AppController extends Controller {
    public $components = array(
        'Session',
        'Auth' => array(
            'authenticate' => array(
                'Form' => array(
                    'fields' => array(
                        'username' => 'email', //Default is 'username' in the userModel
                        'password' => 'password' //Default is 'password' in the userModel
                    ),
                    'userModel' => 'Agent'
                )
            ),
            'loginAction' => array(
                'controller' => 'admins',
                'action' => 'login'
            ),
            'loginRedirect' => array('controller' => 'admins', 'action' => 'deshboard'),
            'logoutRedirect' => array('controller' => 'admins', 'action' => 'login'),
            'authError' => "You can't acces that page",
            'authorize' => 'Controller'
        )
    );
    public function beforeFilter() {
        //parent::beforeFilter();
        $this->Auth->allow('index');
    }
}
When I try to log in, it redirects to http://localhost/amrajegeachi14/admins/login if login failed. It's fine. But when I provide a valid email and password and login is successful, it redirects to http://localhost/amrajegeachi14/amrajegeachi14/admins/deshboard. It's wrong; it should be http://localhost/amrajegeachi14/admins/deshboard
I am surprised when I changed the isAuthorized() function as follows:
function isAuthorized($user) {
    if (isset($user['Admin'])) {
        if ($user['Admin']['status'] == 'active') {
            return TRUE;
        }
    }
    return true;
}
It redirects to http://localhost/amrajegeachi14/admins/deshboard with successful login. But in this case login will be okay with an incorrect username and password.
This problem kills my sleep, makes me crazy and I am so much disappointed. I searched Google for two days but found no appropriate solution. Please help me.

The problem is that your user is never logged in because you did not follow the CakePHP way of authenticating a user. Here is your code with comments:
// This should not be here... This should either be in a authentication
// component, or maybe not present at all if you use default authentication.
$password = Security::hash($this->request->data['Admin']['password'], NULL, true);
$admin = $this->Admin->find('first', array(
    'conditions' => array(
        'email' => $this->request->data['Admin']['email'],
        'password' => $password
    )
));
// This should not be called manually.
if ($this->isAuthorized($admin)) {
    // Your problem is probably here, since you never check the return
    // value of the login function.
    $this->Auth->login($this->request->data['Admin']);
    // You should use $this->Auth->redirectUrl()
    return $this->redirect('/admins/deshboard');
} else {
    $this->Session->setFlash('Invalid username/password combination OR you are blocked, try again');
    return $this->redirect('/admins/login');
}
I am pretty sure that the $this->Auth->login() call always returns false. The login method will try to authenticate a user, using the authentication component you specified (or the default one).
Your passwords are probably hashed in your DB, but you did not tell the component how to hash them, so it cannot authenticate your users...
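
A login flow that leaves credential checking to AuthComponent, as an added example that is not code from the question or the answer. It assumes CakePHP 2.3 or later (for redirectUrl()), an Admin model with email, password and status columns, and passwords stored with the default password hasher, which matches hashes produced by AuthComponent::password(); the two classes would normally live in separate files.

```php
<?php
// Added example for CakePHP 2.x; model and column names are assumptions.
App::uses('Controller', 'Controller');

class AppController extends Controller {
    public $components = array(
        'Session',
        'Auth' => array(
            'authenticate' => array(
                'Form' => array(
                    'userModel' => 'Admin', // must be the model that stores the accounts
                    'fields' => array('username' => 'email', 'password' => 'password'),
                    // Accounts that are not active fail authentication outright.
                    'scope' => array('Admin.status' => 'active'),
                ),
            ),
            'loginAction' => array('controller' => 'admins', 'action' => 'login'),
            'loginRedirect' => array('controller' => 'admins', 'action' => 'deshboard'),
            'logoutRedirect' => array('controller' => 'admins', 'action' => 'login'),
            'authorize' => 'Controller',
        ),
    );

    // Called by AuthComponent on each protected request; $user is the flat
    // record stored in the session, without a model key.
    public function isAuthorized($user) {
        return isset($user['status']) && $user['status'] === 'active';
    }
}

class AdminsController extends AppController {
    public function login() {
        if ($this->Auth->user()) {
            return $this->redirect($this->Auth->redirectUrl());
        }
        if ($this->request->is('post')) {
            // No argument: the Form adapter reads request->data['Admin'], hashes
            // the submitted password and looks the row up. Passing an array
            // instead stores that array as the session user without checking it.
            if ($this->Auth->login()) {
                return $this->redirect($this->Auth->redirectUrl());
            }
            // One generic message; the form is re-rendered, no redirect needed.
            $this->Session->setFlash('Invalid email or password, or the account is blocked');
        }
    }
}
```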

Related

Admin login redirect in cakephp

Hi everyone, back at coding. Stuck with a strange error. The Auth component in CakePHP logs the user in and also redirects the user to the dashboard page, but the error is that when the user lands on the dashboard the login form is still visible and the actual content of the dashboard is not showing.
//AppController.php
// Pass settings in $components array
public $components = array(
    'Session',
    'Auth' => array(
        'loginAction' => array(
            'controller' => 'Admins',
            'action' => 'Dashboard',
            ///'plugin' => 'users'
        ),
        'logoutRedirect' => array(
            'controller' => 'Admins',
            'action' => 'Login',
        ),
        'authError' => 'Enter correct admin username and password',
        'authenticate' => array(
            'Form' => array(
                'fields' => array('username' => 'admin#test.com',
                    'password' => 'pass')
            )
        )
    )
);
public function beforeFilter(){
    //non-logged in users
    $allowed = array('Login', 'Logout');
    $this->Auth->allow($allowed);
    $user = null;
    if($this->Session->read('user')){
        $user = $this->Session->read('user');
        $this->user = $user;
        $this->set('user', $user);
        $this->redirect(array('controller'=>'Admins', 'action'=>'Dashboard'));
    }
}
I'm not storing the admin login information in a table since only one admin is required.
//Login function in AdminsController.php
public function Login(){
    if($this->request->is('post')){
        if($this->data['Admins']['username']=='admin#test.com' && $this->data['Admins']['password'] == 'pass'){
            $this->Auth->login();
            $this->Session->write($this->user, $this->data['Admins']['username']);
            $this->Session->setFlash('Welcome Back !');
            $this->redirect(array('controller'=>'Admins', 'action'=>'Dashboard'));
        }
    }
}
public function Dashboard(){
    //pr($this->Session->read($user));
    //pr($this->user);
    //exit;
}
Kindly ask for more information if needed. The problem is in the display of the ctp file: it displays login.ctp rather than dashboard.ctp.

Authentication component in CakePHP doesn't work

I'm having some issues with the authentication component. Every time I try to log in with a user (I've checked that the user exists in the database with correct params), my application throws me a login failure message.
I have two models, Accounts and Employees, where one Employee belongsTo Account, and one Account hasOne Employee. I save the data with saveAssociated(), and everything is ok in the database, but it's impossible to log in.
I've been searching for solutions, and repeating the CookBook tutorials over and over, and I can't find what I'm doing wrong.
Here is some code:
class AppController extends Controller {
    public $components = array(
        'DebugKit.Toolbar',
        'Session',
        'Auth' => array(
            'loginAction' => array('controller' => 'accounts', 'action' => 'login'),
            'loginRedirect' => array('controller' => 'snippets', 'action' => 'index'),
            'logoutRedirect' => array('controller' => 'snippets', 'action' => 'index'),
            'authorize' => array('Controller')));
    public function beforeFilter() {
        $this->Auth->loginAction = array('controller' => 'accounts', 'action' => 'login');
        $this->Auth->authenticate = array(
            AuthComponent::ALL => array(
                'userModel' => 'Account',
                'fields' => array('username' => 'username', 'password' => 'password')),
            'Basic',
            'Form');
        $this->Auth->allow('index', 'view');
    }
}
My login function:
public function login() {
    if($this->request->is('post')) {
        if ($this->Auth->login()) {
            $this->Session->setFlash(__('Welcome'));
            return $this->redirect(array('controller' => 'snippets', 'action' => 'index'));
            //return $this->redirect($this->Auth->redirect());
        }
        $this->Session->setFlash(__('Wrong password or email'), 'default', array(), 'auth');
    }
}
Please, can someone tell me what I'm doing wrong? If you need to see some other code sections, tell me.
Thanks!

When using ControllerAuthorize ('authorize' => array('Controller')), you need to implement an isAuthorized() method that returns a boolean in your AppController.
public function isAuthorized($user = null) {
    // Any registered user can access public functions
    if (empty($this->request->params['admin'])) {
        return true;
    }
    // Only admins can access admin functions
    if (isset($this->request->params['admin'])) {
        return (bool)($user['role'] === 'admin');
    }
    // Default deny
    return false;
}
You can check the Auth section of the docs for more info; search for "Using ControllerAuthorize".

login not redirecting in cakephp

public function login() {
    if ($this->request->is('post')) {
        if ($this->Auth->login()) {
            $this->redirect($this->Auth->redirect());
        } else {
            $this->Session->setFlash(__('Invalid username or password, try again'));
        }
    }
}
this is my login script and
public $components = array('Acl', 'Session',
    'Auth' => array('authorize' => array('Controller'),
        'loginRedirect' => array('controller' => 'users', 'action' => 'dashboard'),
        'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
        'authenticate' => array('Form' => array('fields' => array('username' => 'email')))
    )
);
This is the Auth component configuration in AppController.php.
It is logging in using email and password, but it is not redirecting to user/dashboard.
But if I put any external URL instead, it redirects perfectly,
e.g. 'loginRedirect' => 'http://google.com',
it redirects to Google.
I am totally lost. Kindly help.

Make sure you are allowed to view the dashboard page using AuthComponent::allow().
Add this method to your controller:
public function beforeFilter() {
    $this->Auth->allow('dashboard');
}
Make sure there is a route set for the dashboard page

Can't seem to get CakePHP's AuthComponent working

I'm completely lost in trying to setup the AuthComponent.
Every login fails.
Here's my AppController beforeFilter function:
public function beforeFilter() {
    $this->Auth->authenticate = array(
        'all' => array(
            'userModel' => 'ClientUser',
            'fields' => array(
                'username' => 'login',
                'password' => 'password'
            )
        )
    );
    $this->Auth->loginAction = array('controller' => 'client_users', 'action' => 'login');
    $this->Auth->loginRedirect = array('controller' => 'static', 'action' => 'clientcenter');
    $this->Auth->logoutRedirect = array('controller' => 'static', 'action' => 'home');
    // I deny stuff later on
    $this->Auth->allow();
}
And here's the login function in the ClientUsers controller:
public function login() {
    // Check login data
    if ($this->Auth->login()) {
        return $this->redirect($this->Auth->redirect());
    } else {
        $this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
    }
}
And it always fails. And I have no idea why.
This is my $request->data content: (I've actually used "login" and "username" as field name, none work)
ClientUser
login: user#email.com
password: thepassword
Client passwords are hashed in the Model, using the authcomponent (which is imported at the top of the script. I used the security hash function earlier, but that also did not work):
public function beforeSave($options) {
    $this->data['ClientUser']['password'] = AuthComponent::password($this->data['ClientUser']['password1']);
    return true;
}

Where is your Auth adapter?
As explained on http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#authentication-objects
// at least one adapter is necessary (here Form)
public $components = array(
    'Auth' => array(
        'authenticate' => array(
            'Form' => array(
                'fields' => array('username' => 'email')
            )
        )
    )
);

cakephp 2.1 signup and login

I have a problem with cakephp 2.1 and Auth.
In my AppController I have a function getUserdetails()
if (($user = $this->Auth->user()) != null)
{
    $this->loadModel('User');
    $tmp = $this->User->find('first', array(
        'conditions' => array('username' => $user['User']['username'],
            'password' => $user['User']['password'],
            'active' => 1),
        'recursive' => -1));
    if (!isset($tmp['User']))
        return null;
    $this->_userDetails = $tmp['User'];
    $this->set('userDetails', $this->_userDetails);
}
else
    return null;
When the user first signs up, $this->Auth->user() returns
array(
    'User' => array(
        'password' => '*****',
        'username' => 'me',
        'remember_me' => '1'
    )
)
where password is md5 encoded. If I log out and log in again, the password in the previous array is returned in plain text, so User->find returns false. Is there a way to make a single function for this?
How can I know if password from $this->Auth->user() is md5 or not?
thanks

Try this:
public function login() {
    //If a user is already logged in, redirect him
    if ($this->Session->read('Auth.User')) {
        //$this->Session->setFlash('You are logged in!');
        $this->redirect(array('controller' => 'showspage', 'action' => 'home'));
    }
    if ($this->request->is('post')) {
        $this->data['User']['password'] = AuthComponent::password($this->data['User']['password']);
        if ($this->Auth->login()) {
            $this->redirect($this->Auth->redirect());
        } else {
            $this->Session->setFlash('Wrong username or password');
            $this->redirect(array('controller' => 'showspage', 'action' => 'home'));
        }
    }
    $this->Session->setFlash("You aren't logged in!");
    $this->redirect(array('controller' => 'showspage', 'action' => 'home'));
}
All information about the user is in the session, and you can read it with AuthComponent:
E.g.: AuthComponent::user('username');
