CakePHP 2.4.4 isAuthorized() not working properly - cakephp

I am using the CakeDC users plugin and I am having trouble restricting the admin section to admins only: as it stands, any registered user can access admin. What am I doing wrong?
AppController.php
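class AppController extends Controller {
    public $components = array(
        'DebugKit.Toolbar',
        'Auth' => array(
            'authorize' => array('Controller'),
        ),
    );

    /**
     * Controller-based authorization callback (AuthComponent 'Controller' authorize).
     *
     * Requests without the admin routing prefix are open to every logged-in user;
     * admin-prefixed requests (`params['admin']` is populated by the admin prefix
     * routes) are allowed only when the user's `role` is exactly 'admin'.
     *
     * @param array|null $user The authenticated user record as supplied by AuthComponent.
     * @return bool True when the current request may proceed.
     */
    public function isAuthorized($user = null) {
        // Any registered user can access non-prefixed (public) actions.
        if (empty($this->request->params['admin'])) {
            return true;
        }
        // Admin-prefixed action: deny unless a role is present and is exactly 'admin'.
        // isset() avoids an undefined-index notice for records without a role column;
        // the strict comparison keeps this a deny-by-default check.
        return isset($user['role']) && $user['role'] === 'admin';
    }

    /**
     * Opens the `display` action to unauthenticated visitors and switches the
     * layout for authenticated users.
     */
    public function beforeFilter() {
        // Give the framework's own hook a chance to run before local configuration.
        parent::beforeFilter();
        $this->Auth->allow('display');
        if ($this->Auth->loggedIn()) {
            $this->layout = 'loggedin';
        }
    }
}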
UsersController.php (from the CakeDC users plugin controller)
//other code here
/**
 * Plugin-side authorization hook.
 *
 * Defers entirely to AppController::isAuthorized() so the admin-prefix rule
 * is defined in exactly one place.
 *
 * @param array|null $user The authenticated user record.
 * @return bool
 */
public function isAuthorized($user = null) {
    $decision = parent::isAuthorized($user);
    return $decision;
}
//other code here
routes.php
// Shared route targets for the CakeDC users plugin; the admin variant carries the
// 'admin' prefix flag that AppController::isAuthorized() keys on.
$usersPlugin = array('plugin' => 'users', 'controller' => 'users');
$adminUsers = $usersPlugin + array('admin' => true);

// Connections are kept in their original order.
Router::connect('/users', $usersPlugin);
Router::connect('/users/index/*', $usersPlugin);
Router::connect('/users/:action/*', $usersPlugin);
Router::connect('/users/users/:action/*', $usersPlugin);
Router::connect('/login', $usersPlugin + array('action' => 'login'));
Router::connect('/logout', $usersPlugin + array('action' => 'logout'));
Router::connect('/register', $usersPlugin + array('action' => 'add'));
Router::connect('/admin', $adminUsers);
Router::connect('/admin/:action/*', $adminUsers);

// Do not leave helper variables behind in the routes file scope.
unset($usersPlugin, $adminUsers);
core.php
// Enable the 'admin' routing prefix so /admin/... URLs populate params['admin'].
$routingPrefixes = array('admin');
Configure::write('Routing.prefixes', $routingPrefixes);
EDIT:
isAuthorized() was not being called when I set authorize = array('Controller') in the components array. I had to add this in the beforeFilter() of the AppController: $this->Auth->authorize = 'Controller';

In isAuthorized(), `$this->request->params['admin']` is never empty here, so the function returns true.


Auth logout is not working in CakePHP 2.x

When I log in from one user account, the session is set. If I then open a new tab in the same browser and enter the login URL, it takes me to the login page, but it should actually redirect to the "dashboard" page (in my case). It does not redirect to the loginRedirect (dashboard) page configured in my Auth settings.
When I log out, my code deletes the session, cookie and cache as expected, but it does not redirect to the logoutRedirect page.
My code :
App controller
// Components shared by every controller. Session and Cookie are used by the
// login/logout actions; Auth is configured for Form authentication where the
// `email` column stands in for the username.
public $components = array(
'Session', 'RequestHandler', 'Email', 'Cookie',
'Auth' => array(
'authenticate' => array(
'Form' => array(
'fields' => array(
'username' => 'email',
'password' => 'password')
)
),
// NOTE(review): loginRedirect points at the login action itself, not at
// 'dashboard' as described in the question; the post-login redirect is
// issued manually in UsersController::login() instead.
'loginRedirect' => array(
'controller' => 'users',
'action' => 'login'
),
'logoutRedirect' => array(
'controller' => 'users',
'action' => 'login'
)
)
);
User controller
login action :
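/**
 * Login action: sends already-authenticated users to the dashboard, otherwise
 * attempts a form login with the posted credentials.
 *
 * Every redirect is returned so that nothing else in the action (and no view)
 * runs after the redirect has been issued.
 *
 * @return CakeResponse|null
 */
public function login() {
    $this->layout = 'admin';
    // A session that already carries the Auth user does not need to log in again.
    if ($this->Session->check('Auth.User')) {
        return $this->redirect(array('controller' => 'users', 'action' => 'dashboard'));
    }
    if (isset($this->data['User'])) {
        if (!empty($this->data['User']['email']) && !empty($this->data['User']['password'])) {
            // No argument: AuthComponent identifies the user through the configured
            // Form authenticator rather than trusting the posted data.
            if ($this->Auth->login()) {
                return $this->redirect(array('controller' => 'users', 'action' => 'dashboard'));
            }
            // Generic message on purpose: do not reveal which field was wrong.
            $this->set('error', "Email or Password mismatch.");
        }
        return null;
    }
    if ($this->Auth->loggedIn()) {
        return $this->redirect(array('controller' => 'users', 'action' => 'dashboard'));
    }
    return null;
}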
logout action :
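/**
 * Logout action: clears session and cookie state, marks the response as
 * non-cacheable and redirects to AuthComponent's logout target.
 *
 * @return CakeResponse
 */
public function logout() {
    // Route the no-cache headers through CakeResponse instead of raw header()
    // so they are emitted with the redirect response and remain inspectable.
    $this->response->header(array(
        'pragma' => 'no-cache',
        'Cache-Control' => 'no-cache, must-revalidate',
    ));
    $this->response->disableCache();
    // Drop the authenticated identity before tearing the whole session down.
    $this->Session->delete('Auth.User');
    $this->Session->delete('User');
    $this->Session->destroy();
    $this->Cookie->destroy();
    // Auth->logout() clears its own session data and returns the redirect target.
    return $this->redirect($this->Auth->logout());
}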
This code works fine on the local server but not on the production server.
Your redirect statements should have return in front of them so that code execution will stop there. For example:
return $this->redirect(array('controller' => 'users', 'action' => 'dashboard'));

cakephp cakeDC user redirect from login

I am using CakeDC's users plugin and I am having an issue with the routes.
When I go to domain.com/login I get redirected to domain.com/users/login with the flash message "You are not authorized to access that location."
Routes.php
// Load every plugin's own routes first, then add short URLs for the users plugin.
CakePlugin::routes();

$usersPlugin = array('plugin' => 'users', 'controller' => 'users');

// Connections are kept in their original order.
Router::connect('/users', $usersPlugin);
Router::connect('/users/index/*', $usersPlugin);
Router::connect('/users/:action/*', $usersPlugin);
Router::connect('/users/users/:action/*', $usersPlugin);
Router::connect('/login', $usersPlugin + array('action' => 'login'));
Router::connect('/logout', $usersPlugin + array('action' => 'logout'));
Router::connect('/register', $usersPlugin + array('action' => 'add'));

// Do not leave the helper variable behind in the routes file scope.
unset($usersPlugin);
AppController.php
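/**
 * Configures AuthComponent for the users plugin and exposes the login state
 * to every view.
 *
 * NOTE(review): `fields`, `userModel`, `userScope`, `loginError` and
 * `autoRedirect`, like `__($msg, true)`, are the 1.x AuthComponent API; on
 * 2.x these properties are not used and belong under the `authenticate`
 * config — confirm the framework version before relying on them.
 */
public function beforeFilter() {
    parent::beforeFilter();
    $this->set('logged_in', $this->Auth->loggedIn());
    $this->set('current_user', $this->Auth->user());
    $this->Auth->fields = array('username' => 'username', 'password' => 'passwd');
    // 'admin' => false pins the login URL to the un-prefixed action.
    $this->Auth->loginAction = array('plugin' => 'users', 'controller' => 'users', 'action' => 'login', 'admin' => false);
    $this->Auth->loginRedirect = '/';
    $this->Auth->authError = __('Sorry, but you need to login to access this location.', true);
    $this->Auth->loginError = __('Invalid username / password combination. Please try again', true);
    $this->Auth->autoRedirect = true;
    $this->Auth->userModel = 'User';
    // Only active accounts may authenticate.
    $this->Auth->userScope = array('User.active' => 1);
    // Always define the view variable so templates never hit an undefined 'isAuthorized'.
    $this->set('isAuthorized', false);
    if ($this->Auth->user()) {
        $this->set('userData', $this->Auth->user());
        // Loose comparison kept on purpose: a missing id (null) must read as "not authorized".
        $this->set('isAuthorized', ($this->Auth->user('id') != ''));
    }
}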
The line below should not be wrapped in the if statement:
$this->Auth->allow('login');
Take a look at this question. It might help you.
The issue I was seeing was caused by the cache holding some details that then conflicted. I solved it with:
/**
 * Marks every rendered response as non-cacheable so a cached page cannot be
 * served with stale login state.
 */
public function beforeRender() {
    $response = $this->response;
    $response->disableCache();
}

Login Script in 2.4.2 is not working

I am new to CakePHP. I have a problem with login: with a wrong name and password it redirects to the login home page.
UsersController.php
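/**
 * Login action.
 *
 * Auth->login() is called WITHOUT arguments: with no argument AuthComponent
 * identifies the user against the configured authenticators (username and
 * password check). Passing `$this->request->data` instead logs in whatever
 * was posted without verifying the password, which is why a wrong password
 * still ended up on the home page.
 *
 * @return CakeResponse|null
 */
public function login() {
    $this->layout = 'admin-login';
    if ($this->request->is('post')) {
        if ($this->Auth->login()) {
            return $this->redirect($this->Auth->redirectUrl());
        }
        // Generic message on purpose: do not reveal which field was wrong.
        $this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
    }
    return null;
}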
AppController.php
// Auth configuration: loginAction is where unauthenticated requests are sent,
// loginRedirect where a successful login lands, logoutRedirect where logout lands.
public $components = array(
'Session',
'Auth' => array(
'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
'loginAction' => array('controller' => 'users', 'action' => 'login')
)
);
/**
 * Opens the login action to anonymous visitors and restricts Form
 * authentication to active accounts.
 */
public function beforeFilter() {
    // Only rows with User.is_active = 1 can authenticate.
    $formAuth = array(
        'scope' => array('User.is_active' => 1),
    );
    $this->Auth->authenticate = array('Form' => $formAuth);
    // The login action itself must stay reachable without a session.
    $this->Auth->allow("login");
    //$this->Auth->authorize = array('Controller');
}
/**
 * Controller authorization hook (only consulted when Auth->authorize is set,
 * which is commented out in beforeFilter above).
 *
 * Returns true unconditionally: every authenticated user may run every action.
 *
 * @param array $user The authenticated user record.
 * @return bool
 */
public function isAuthorized($user) {
return true;
}
login.ctp
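// Login form: username + password posted to the 'User' model's login action.
echo $this->Form->create('User');
echo $this->Form->input('username');
echo $this->Form->input('password');
// The closing parenthesis of __() was missing, which is a parse error.
echo $this->Form->submit(__('Submit'));
echo $this->Form->end();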
When I fill in the wrong username and password and click the submit button, it redirects to the home page. Thanks.
You are using AuthComponent::login() wrong: you are only supposed to pass data to it when you want to manually log in a user, i.e. without automatic authentication.
If you want to use the component's authentication functionality, just call $this->Auth->login()
See also: http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#identifying-users-and-logging-them-in
In 2.x, $this->Auth->login($this->request->data) will log the user in with whatever data is posted, whereas in 1.3 $this->Auth->login($this->data) would try to identify the user first and only log in when successful.
usercontroller
/**
 * Lets anonymous visitors reach both ends of the session lifecycle.
 */
public function beforeFilter() {
    parent::beforeFilter();
    $openActions = array('login', 'logout');
    $this->Auth->allow($openActions);
}
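/**
 * Login action: authenticates posted credentials via AuthComponent, and sends
 * users who already hold a session straight on.
 *
 * The original had an `else` with no closing brace before it (a parse error)
 * and redirects without `return`; both are fixed here.
 *
 * @return CakeResponse|null
 */
public function login()
{
    $this->layout= 'login';
    if ($this->request->is('post')) {
        // No argument: AuthComponent checks the posted credentials itself.
        if ($this->Auth->login()) {
            return $this->redirect('/users');
        }
        $this->Session->setFlash(__('Invalid email or password, please try again'));
        return null;
    }
    if ($this->Auth->loggedIn()) {
        return $this->redirect('index');
    }
    return null;
}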
AppController
class AppController extends Controller {
// Components for every controller. Auth uses Form authentication against the
// User model with `user_name` as the username column; authError is the message
// shown when an authenticated user is denied an action.
public $components = array(
'Session',
'Auth' => array(
'authenticate' => array(
'Form' => array(
'userModel' => 'User',
'fields' => array(
'username' => 'user_name',
'password' => 'password'
)
)
),
'loginAction' => array('controller' => 'users', 'action' => 'login'),
'loginRedirect' => array('controller' => 'users', 'action' => 'dashboard'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
'authError' => 'You don\'t have access here.',
// Disabled alternative kept by the author: login/logout would land on
// forgot_password instead of login.
/*
'loginAction' => array('controller' => 'users', 'action' => 'forgot_password'),
'loginRedirect' => array('controller' => 'users', 'action' => 'dashboard'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'forgot_password'),
'authError' => 'You don\'t have access here.',
*/
),
);

CakePHP - Auth logoutRedirect not working for Admin users

In my cake 2.2 app I have the following beforeFilter() set up in my App Controller:
public function beforeFilter() {
//Configure AuthComponent
// Admin
if($this->Auth->user('group_id') == '12') {
$this->Auth->allow('admin_index');
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);
$this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'index', 'admin' => TRUE);
$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);
$this->set("group", "admin");
// Staff
}
if($this->Auth->user('group_id') == '13') {
$this->Auth->allow('admin_index');
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);
$this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'index', 'admin' => TRUE);
$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);
$this->set("group", "staff");
So basically I want all users, regardless of user group, to be sent to /users/login when the session expires. This works for users, but any admin users get redirected to admin/users/login and presented with a "Missing method in users controller" error (because this isn't an admin method). For some reason the 'admin' => FALSE isn't working.
So, how can I get all users, regardless of user type, redirected to the NON-admin method/URL /users/login?
// Users
}
if($this->Auth->user('group_id') == '14') {
$this->Auth->allow(array('controller' => 'pages', 'action' => 'index', 'admin' => FALSE));
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);
$this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'index', 'admin' => FALSE);
$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);
$this->set("group", "user");
}
// General logout redirect (including expired session redirect)
$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);
}
What I guess is happening is that the user is not actually logged out when the session expires. Unless the user explicitly logs out (executing a logout action in your UsersController, I'm assuming), like this for example
// Explicit logout: the session is destroyed and the browser is sent to the
// URL returned by Auth->logout() (the configured logoutRedirect).
public function logout() {
... some code here...
$this->Session->destroy();
$this->redirect($this->Auth->logout());
}
that logoutRedirect is probably not going to work.
If the session expires, the user will be unauthorized to view the page, and the redirect will go to Auth->unauthorizedRedirect.
For what you're trying to do, I'd check whether the user is logged in, in the beforeFilter of the AppController
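/**
 * Sends every unauthenticated request (except the login action itself) to the
 * un-prefixed login URL, so an expired session never lands on admin/users/login.
 *
 * @return CakeResponse|null
 */
public function beforeFilter() {
    if (!$this->Auth->loggedIn() && $this->action !== 'login') {
        // 'admin' => false forces the non-prefixed URL; return so nothing runs after the redirect.
        return $this->redirect(array('controller'=>'users', 'action'=>'login', 'admin'=>false));
    }
    return null;
}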
or if you want
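/**
 * Same guard as above, but reusing the configured logoutRedirect as the
 * destination for unauthenticated requests.
 *
 * @return CakeResponse|null
 */
public function beforeFilter() {
    if (!$this->Auth->loggedIn() && $this->action !== 'login') {
        // Return so nothing runs after the redirect has been issued.
        return $this->redirect($this->Auth->logoutRedirect);
    }
    return null;
}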
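/**
 * Admin logout: tears down the session, clears the Auth identity and
 * redirects to the dashboard login with a farewell flash message.
 *
 * The flash message is written AFTER Session::destroy(). Written before it
 * (as in the original order), it is discarded together with the rest of the
 * session data and never reaches the next request.
 *
 * @return CakeResponse
 */
public function admin_logout() {
    $this->Session->delete('user_to_register');
    $this->Session->destroy();
    $this->Auth->logout();
    $this->Session->setFlash(__('Thanks for using Applired.com!'), 'default', array('class' => 'alert alert-success'));
    return $this->redirect(array('controller' => 'dashboard', 'action' => 'login'));
}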

CakePHP why does my appcontroller not work for admin?

For some reason beforeFilter is not executed in AppController when I am in the admin section.
I tested it with die(); and the request still goes through. What could be the problem?
When I am logged out, it forwards to login and AppController is executed. Once I log in, I get the problem.
Router:
Router::connect('/', array('controller' => 'static', 'action' => 'index'));
/**
 * ...and connect the rest of 'Pages' controller's urls.
 */
Router::connect('/pages/*', array('controller' => 'pages', 'action' => 'display'));

/**
 * PLUGIN MATCH
 * Restrict :plugin to the underscored names of the loaded plugins so an
 * arbitrary URL segment is not routed as a plugin.
 */
$plugins = Configure::listObjects('plugin');
if ($plugins) {
    $pluginNames = array();
    foreach ($plugins as $pluginName) {
        $pluginNames[] = Inflector::underscore($pluginName);
    }
    Router::connect(
        "/:language/:plugin/:controller/:action/*",
        array('action' => null),
        array('plugin' => implode('|', $pluginNames))
    );
    unset($pluginNames);
}

/**
 * ADMIN
 * Admin URLs carry a three-letter language code and set params['admin'].
 */
$languagePattern = array('language' => '[a-z]{3}');
Router::connect('/:language/admin/:controller/:action/*', array('action' => null, 'admin'=> true), $languagePattern);
Router::connect('/:language/admin', array('controller' => 'admin', 'action' => 'index'), $languagePattern); //...and set the admin default page
unset($languagePattern);

/**
 * LANGUAGES
 */
Router::connect('/:language/home', array('controller' => 'static', 'action' => 'index'));
Router::connect('/:language/about', array('controller' => 'static', 'action' => 'about'));
// ...and more of those regular redirects here
Appcontroller beforeFilter:
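/**
 * Sets the request language, configures the AuthComponent URLs (each carrying
 * the current language so they resolve through the :language routes) and
 * exposes the logged-in user to the views.
 *
 * `authorize = 'actions'` selects AuthComponent's ACL-based mode: permission
 * for each request is looked up in the Acl tables for the ACO node built from
 * `actionPath` plus `Controller/action` (here under 'controllers/'), so every
 * action needs an ACO entry that grants the user's ARO access.
 * NOTE(review): `authorize`/`actionPath` are the 1.x AuthComponent API;
 * confirm the framework version before relying on them.
 */
public function beforeFilter(){
    parent::beforeFilter();
    // LANGUAGES
    $this->_setLanguage();
    $this->Auth->authorize = 'actions';
    $language = $this->Session->read('Config.language');
    $this->Auth->logoutRedirect = array( 'controller' => 'static', 'action' => 'index', 'language'=>$language);
    $this->Auth->loginRedirect = array( 'controller' => 'galleries', 'action' => 'index', 'language'=>$language);
    $this->Auth->loginAction = array( 'controller'=>'users', 'action'=>'login', 'plugin'=>null,'language'=>$language);
    // ACO
    $this->Auth->actionPath = 'controllers/'; // The main ACO. Maybe we need to change something for languages?
    if($this->Auth->user()){
        $this->set('u', $this->Auth->user());
    }
}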
Why is this?
Does the specific controller have its own beforeFilter, and does it call parent::beforeFilter()?
The simple stuff is sometimes overlooked.
