Just for organization sake, I wanted to use a different table for the authentication component to check, but it doesn't quite work. While I can initially state:
$this->Auth->userModel = "CoreUsers" plus set the loginAction to my proper MVC
works to look at that table just to confirm it's there, but the login doesn't work, it only keeps returning an incorrect password. Something happens in the authentication component; I can't tell what makes it fail. When I rename my table to "Users", it works.
The other part is I'd prefer to actually use the column name of 'email' rather than 'username' since that's really what I'm using anyway.
I am just not having luck finding a complete tutorial and reference sets to do both these successfully with CakePHP 2.x. What is the way forward?
References:
Stack Overflow question How do I use a table other than "Users" for CakePHP's AuthComponent?
Stack Overflow question CakePHP - 'AuthComponent' with a different model name (not 'User')
(I had a look for answers, but I never quite got the whole answer.)
Make sure your database table "core_users" and model "CoreUser" exists.
When you setup component you can put login/logout redirect here.
var $components = array(
"Auth" => array(
'loginRedirect' => array('controller' => 'dashboard', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'core_users', 'action' => 'login')
),
"Session");
Now in beforeFilter medhod you can put the following
function beforeFilter(){
$this->Auth->authenticate = array(
AuthComponent::ALL => array('userModel' => 'CoreUser', 'scope' => array("CoreUser.status" => 1), "fields" => array("username" => "email", "password" => "your_password_field"), 'Form', 'Basic'
);
}
Above example you can ignore status, if you need to pass any other info on the login verification u can use that. Now about you can remove 'Basic' if you only need form validation.
I hope this would work .
First, model names are generally singular. Are you sure you didn't mean CoreUser which would look in the core_users table?
Secondly, you can use the email field instead of username by setting the fields key on your auth setup.
public $components = array(
'Auth' => array(
'authenticate' => array(
'Form' => array(
'userModel' => 'CoreUser',
'fields' => array('username' => 'email')
)
)
)
);
See the book for more information.
Related
In my AppController I have this code for the component
public $components = array(
'Acl',
'Auth' => array(
'authorize' => array(
'Actions' => array('actionPath' => 'controllers')
),
'unauthorizedRedirect' => array(
'controller' => 'member',
'action' => 'index'
)
),
'Session',
'DebugKit.Toolbar'
);
So, unauthorizedRedirect is working fine. I tried to type the URL the user has no access to and fortunately, I am redirected to 'localhost/appname/member/'.
My concern is that, this only applies to one type of logged in user.
Let us say a logged in user tried to access localhost/appname/admin/add_post/. Since only admins have access to that page, the user will be redirected to localhost/appname/member/. What if it's an admin who accessed an unauthorized page? Of course, that admin will have to redirected somewhere, but not to localhost/appname/member/.
How can I solve this?
I believe there are many ways. You are already using the ACL which is one way. Or another "lazy" way to do this is to use the beforeFilter method inside the AppController.
Ok, so after several hours of researching and stuff I was able to come up with a solution.
This is the code for the AppCntroller:
public $components = array(
'Acl',
'Auth' => array(
'authorize' => array(
'Actions' => array('actionPath' => 'controllers')
),
'unauthorizedRedirect' => false
),
'Session',
'DebugKit.Toolbar'
);
What this does is rather than redirecting the user to another page, it will just show 'error400.ctp'.
Now, we don't want to show the default CakePHP error layout so we still have to edit it or make a custom one.
Create a new file under 'View/Layouts/your_error_file.ctp'. After that, go to 'View/Errors/error_file.ctp' and paste the following code:
$this->layout = 'your_error_file'
I'm using the admin prefix in my Cakephp app, for some admin views. I'm also using Auth to restrict access to those views, based on a role field in the User table. Pretty standard.
The problem is, that when an unauthorized user tries to go to, say, admin/users, (in this case the index action is prohibited), they are redirected to /admin/users/login which of course, doesn't exist.
This doesn't happen with actions that do not have the admin prefix. Those behave just fine.
Why are users being sent to to a login that is prepended by the admin prefix and the prohibited action?
Anyone who is still having trouble with this, according to the documentation you can use an array or a string in loginAction (Documentation).
Using an array and setting 'admin' => false was still giving me trouble, so I tried using a string instead:
public $components = array(
'Auth' => array(
'loginRedirect' => array('controller' => 'dashboards', 'action' => 'home'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
'loginAction' => '/users/login',
'authorize' => array('Actions')
),
);
This ended up solving my problem. Hopefully it works for you as well.
You need to override the specific prefix in the routing array.
$this->Auth->loginAction = array(
'controller' => 'users',
'action' => 'login',
'admin' => false
);
or, if you're using multiple prefixes, you can dynamically remove the prefix name like this:
$this->Auth->loginAction = array(
'controller' => 'users',
'action' => 'login',
$this->request->prefix => false
);
I've created a simple CMS to manage several small websites built on CakePHP. After successfully migrating the plugin from 1.3 to 2.0 I'm running into a problem with the AuthComponent after updating Cake to the latest version 2.1.2.
The classnames of the plugin are all prefixed by the plugin's name to avoid duplicate classnames, as the application shares most of its tables with the plugin. So there are cases when I have a UsersController for the main application and a PluginNameUsersController for my CMS plugin (or a PostsController and a PluginNamePostsController). The plugin models rely on $useTable to find the correct database table (so PluginNamePostsController still uses posts).
Since upgrading to the 2.1.* branch of Cake the AuthComponent has ceased to work as it expects a non-existent pluginname_users table instead of referring to users.
Is it possible to define a custom table for the AuthComponent or is there any other method to get this working? Also, is this behaviour expected?
The component is configured in PluginNameAppController as follows:
public $components = array(
'Session', 'RequestHandler',
'Auth'=> array(
'loginAction' => array(
'controller' => 'pluginname_users',
'action' => 'login',
'plugin' => 'pluginname'
),
'loginRedirect' => array(
'controller' => 'pluginname_posts',
'action' => 'index',
'plugin' => 'pluginname'
),
'authenticate' => array(
'Form' => array(
'userModel' => 'PluginNameUser',
'fields' => array('username', 'password')
)
)
)
);
The AuthComponent is actually unaware of tables and such. By using a custom model, you can define $table on it to work on a different table. So, the first thing is to set up your plugin's model to use the proper table:
class PluginNameUser extends PluginAppModel {
public $table = 'users';
}
Then, tell your authentication methods to use the plugin's model by using the dot syntax.
'authenticate' => array(
'Form' => array(
'userModel' => 'PluginName.PluginNameUser',
'fields' => array('username', 'password')
)
)
Now when FormAuthenticate tries to authenticate, it will try and find the user using that model, which it now knows is in PluginName. It loads the model, which you've set to use the users table, and looks for the user there.
I want following SEO url like:
www.example.com/users/profile/webfacer
I do not want to use the unique user to fetch from database.
I try to use the Router method connect in my AppController. but I realised that it isn't possible (or not knowing it right now to use it in their also used in routes.php does not helped) like this:
//in AppController
Router::connect('/users/profile/:name',
array(
'controller' => 'users',
'action' => 'profile'
) ,
array(
'pass' => array('id', 'name'),
'id' => '[0-9]+'
)
);
How can I reproduce this link (below the example) with this html link helper to send the id but not show it in the url:
$this->Html->link('webfacer',array(
'controller'=>'users',
'action'=>'profile',
'id'=>1,
'name'=>'webfacer'
));
This would output www.example.com/users/profile/username:webfacer that mean my router doesn't appear to my route options.
Has anybody had the same issues and solved this?
Because you haven't put the :id argument in your route string, Cake won't know what to do when you pass it in the helper, that is why it's just appending it as a normal param in the URL. There is no way to pass a "hidden" id with the URL, you're best bet is to either expose it or at the other end of the app write something that fetches the ID based on the username you pass (make sure this column is indexed and url-safe).
I would just simplify your route to this:
//in AppController
Router::connect('/users/profile/:name',
array(
'controller' => 'users',
'action' => 'profile'
) ,
array('pass' => array('name'),
)
);
And don't bother passing ID to the helper. In your profile action you'd just have something like this:
public function profile($name) {
$user = $this->User->find('first', array('conditions' => array('name' => $name)));
}
I have used ACL in CakePHP 1.3 without a single issue, after 2 weeks of bitter frustrations it still does not work in CakePHP 2.0.
I have followed the Cake ACL tutorial EXACTLY, but nothing happens. All Aros are in correctly, same for ACOS and permissions.
After all this, I can enter all denied actions without a problem.
Hereby my AppController:
public $components = array('Acl','Auth'=> array(
'authenticate' => array(
'Actions',
'Form' => array(
'fields' => array('username' => 'email')
),
)
), 'Session', 'MathCaptcha', 'RequestHandler');
In my BeforeFilter:
$this->Auth->actionPath = 'controllers';
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
$this->Auth->logoutRedirect = array('controller' => 'pages', 'action' => 'home');
$this->Auth->loginRedirect = array('controller' => 'users', 'action' => 'profile');
$this->Auth->allow('display');
Does someone have an idea what goes wrong. Thanks!
In CakePHP 2.0 I've made this way:
app/Controller/AppController.php
class AppController extends Controller {
public $components = array(
// others components...
'Session',
'Acl',
'Auth'=> array(
// Setting AUTHORIZATION "What can you do?"
'authorize' => array(
'Actions' => array(
'actionPath' => 'controllers'
)
),
// Setting AUTHENTICATION "Who are you?"
'authenticate' => array(
'Form' => array(
'fields' => array(
'username' => 'email', 'password' => 'password'
)
)
)
)
);
// other stuffs...
With this aproach, ACL will make all dirty job. Is not necessary to check permitions, as you probably know.
I believe you are Ok about AROs and ACOs, not big deal. Just in case:
http://book.cakephp.org/2.0/en/tutorials-and-examples/simple-acl-controlled-application/simple-acl-controlled-application.html#simple-acl-controlled-application
The CakeBook for 2.0 shows a Console plugin called AclExtras that build your ACOs. Your AROs will be built as users and groups are added/deleted. I've used this plugin to generate AROs regarding my already filled tables: http://www.alaxos.ch/blaxos/pages/view/plugin_acl. This works fos 1.3, but there is a beta version for 2.0 that works ok.
After that, You must set up permitions. Manually (or from Console) as this links describes: http://book.cakephp.org/2.0/en/tutorials-and-examples/simple-acl-controlled-application/part-two.html#setting-up-permissions. Or visually with Alaxos's Plugin.
I hope this help! It's worked for me. I'm using CakePHP 2.0.2
The Auth component changed quite a bit from CakePHP 1.3 to 2.0. I bumped into similar issues migrating an app from 1.3 to 2.0. I found that setting the authorize option was where I needed to make my change:
In beforeFilter:
$this->Auth->authorize = array(
'Actions' => array(
'userModel' => 'User',
'actionPath' => 'users'
)
);
The userModel was the model class used in the Aro table. The actionPath is the root level of the actions that Acl checks in the Aco table.
You may also want to deny then allow:
$this->Auth->deny('*');
$this->Auth->allow('display');
Hope this helps.