For some reason beforefilter is not executed in appcontroller when I am in the admin section.
I test it with die(); and it still goes through. What could be the problem?
When I am logged out, it forwards to login, appcontroller is executed. When I log in, I get the problem.
Router:
Router::connect('/', array('controller' => 'static', 'action' => 'index'));
/**
* ...and connect the rest of 'Pages' controller's urls.
*/
Router::connect('/pages/*', array('controller' => 'pages', 'action' => 'display'));
/**
* PLUGIN MATCH
*/
if ($plugins = Configure::listObjects('plugin')) {
$pluginMatch = implode('|', array_map(array('Inflector', 'underscore'), $plugins));
Router::connect( "/:language/:plugin/:controller/:action/*", array('action' => null), array('plugin' => $pluginMatch) );
}
/**
* ADMIN
*/
Router::connect('/:language/admin/:controller/:action/*', array('action' => null, 'admin'=> true), array('language' => '[a-z]{3}'));
Router::connect('/:language/admin', array('controller' => 'admin', 'action' => 'index'), array('language' => '[a-z]{3}')); //...and set the admin default page
/**
* LANGUAGES
*/
Router::connect('/:language/home', array('controller' => 'static', 'action' => 'index'));
Router::connect('/:language/about', array('controller' => 'static', 'action' => 'about'));
// ...and more of those regular redirects here
Appcontroller beforeFilter:
function beforeFilter(){
die();
// LANGUAGES
$this->_setLanguage();
$this->Auth->authorize = 'actions'; // CAN SOMEBODY EXPLAIN TO ME WHAT THIS DOES?
$this->Auth->logoutRedirect = array( 'controller' => 'static', 'action' => 'index', 'language'=>$this->Session->read('Config.language'));
$this->Auth->loginRedirect = array( 'controller' => 'galleries', 'action' => 'index', 'language'=>$this->Session->read('Config.language'));
$this->Auth->loginAction = array( 'controller'=>'users', 'action'=>'login', 'plugin'=>null,'language'=>$this->Session->read('Config.language'));
// ACO
$this->Auth->actionPath = 'controllers/'; // The main ACO. Maybe we need to change something for languages?
if($this->Auth->user()){
$this->set('u', $this->Auth->user());
}
}
Why is this?
does the specific controller have a beforeFilter? and does it call parent::beforeFilter?
the simple stuff sometimes is overlooked.
Related
I am using cakeDC's user plugin and I am having an issue when using the routes.
When i go to my domain.com/login I get redirected to my domain.com/users/login with the flash message "You are not authorized to access that location."
Routes.php
CakePlugin::routes();
Router::connect('/users', array('plugin' => 'users', 'controller' => 'users'));
Router::connect('/users/index/*', array('plugin' => 'users', 'controller' => 'users'));
Router::connect('/users/:action/*', array('plugin' => 'users', 'controller' => 'users'));
Router::connect('/users/users/:action/*', array('plugin' => 'users', 'controller' => 'users'));
Router::connect('/login', array('plugin' => 'users', 'controller' => 'users', 'action' => 'login'));
Router::connect('/logout', array('plugin' => 'users', 'controller' => 'users', 'action' => 'logout'));
Router::connect('/register', array('plugin' => 'users', 'controller' => 'users', 'action' => 'add'));
AppController.php
function beforeFilter() {
parent::beforeFilter();
//$this->Auth->allow('index');
$this->set('logged_in', $this->Auth->loggedIn());
$this->set('current_user', $this->Auth->user());
$this->Auth->fields = array('username' => 'username', 'password' => 'passwd');
$this->Auth->loginAction = array('plugin' => 'users', 'controller' => 'users', 'action' => 'login', 'admin' => false);
$this->Auth->loginRedirect = '/';
$this->Auth->authError = __('Sorry, but you need to login to access this location.', true);
$this->Auth->loginError = __('Invalid username / password combination. Please try again', true);
$this->Auth->autoRedirect = true;
$this->Auth->userModel = 'User';
$this->Auth->userScope = array('User.active' => 1);
if ($this->Auth->user()) {
$this->set('userData', $this->Auth->user());
$this->set('isAuthorized', ($this->Auth->user('id') != ''));
}
}
The bellow line shouldn't be wrapped in the if statement:
$this->Auth->allow('login');
Take a look at this question. It might help you.
This issue I was seeing was the cause of the cache holding some details and then conflicting. I solved by
public function beforeRender() {
$this->response->disableCache();
}
I am using the CakeDC users plugin and I am having trouble getting only admins to be able to view the admin section as it stands any registered user can access admin. what am i doing wrong?
AppController.php
class AppController extends Controller {
public $components = array(
'DebugKit.Toolbar',
'Auth' => array('authorize' => array('Controller')
)
);
public function isAuthorized($user = null) {
// Any registered user can access public functions
if (empty($this->request->params['admin'])) {
return true;
}
// Only admins can access admin functions
if (isset($this->request->params['admin'])) {
return (bool)($user['role'] === 'admin');
}
// Default deny
return false;
}
public function beforeFilter(){
$this->Auth->allow("display");
if ($this->Auth->loggedIn()) {
$this->layout = 'loggedin';
}
}
}
UsersController.php (from the CakeDC users plugin controller)
//other code here
public function isAuthorized($user = null) {
return parent::isAuthorized($user);
}
//other code here
routes.php
Router::connect('/users', array('plugin' => 'users', 'controller' => 'users'));
Router::connect('/users/index/*', array('plugin' => 'users', 'controller' => 'users'));
Router::connect('/users/:action/*', array('plugin' => 'users', 'controller' => 'users'));
Router::connect('/users/users/:action/*', array('plugin' => 'users', 'controller' => 'users'));
Router::connect('/login', array('plugin' => 'users', 'controller' => 'users', 'action' => 'login'));
Router::connect('/logout', array('plugin' => 'users', 'controller' => 'users', 'action' => 'logout'));
Router::connect('/register', array('plugin' => 'users', 'controller' => 'users', 'action' => 'add'));
Router::connect('/admin', array('plugin' => 'users', 'controller' => 'users', 'admin' => true));
Router::connect('/admin/:action/*', array('plugin' => 'users', 'controller' => 'users', 'admin' => true));
core.php
Configure::write('Routing.prefixes', array('admin'));
EDIT:
isAuthorized() was not being called when i called the authorize = array('Controller') in the components. Had to add this in the beforeFilter() of the AppController: $this->Auth->authorize = 'Controller';
In function isAuthorized:
$this->request->params['admin']
always not empty, so it return true value :)
I am new to cakephp. I have a problom while login. With wrong name and password redirects to login home page.
UsersController.php
public function login() {
$this->layout = 'admin-login';
if ($this->request->is('post')) {
if ($this->Auth->login($this->request->data)) {
return $this->redirect($this->Auth->redirectUrl())
} else {
$this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
}
}
}
AppController.php
public $components = array(
'Session',
'Auth' => array(
'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
'loginAction' => array('controller' => 'users', 'action' => 'login')
)
);
public function beforeFilter() {
$this->Auth->allow("login");
//$this->Auth->authorize = array('Controller');
$this->Auth->authenticate = array(
'Form' => array (
'scope' => array(
'User.is_active' => 1
)
)
);
}
public function isAuthorized($user) {
return true;
}
login.ctp
echo $this->Form->create('User');
echo $this->Form->input('username');
echo $this->Form->input('password');
echo $this->Form->submit(__('Submit');
echo $this->Form->end();
When i fill the wrong username & password & click on submit button it redirect to home page, Thanks.
You are using AuthComponent::login() wrong, you are only supposed to pass data to it in case you want to manually login a user, ie without automatic authentication.
If you want to use the components authentication functionality just call $this->Auth->login()
See also: http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#identifying-users-and-logging-them-in
In 2.x $this->Auth->login($this->request->data) will log the user in with whatever data is posted, whereas in 1.3 $this->Auth->login($this->data) would try to identify the user first and only log in when successful.
usercontroller
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('login','logout');
}
public function login()
{
$this->layout= 'login';
if ($this->request->is('post')) {
if ($this->Auth->login()) {
$this->redirect('/users');
else {
$this->Session->setFlash(__('Invalid email or password, please try again'));
}
}
else{
if($this->Auth->loggedIn())
$this->redirect('index');
}
}
}
AppController
class AppController extends Controller {
public $components = array(
'Session',
'Auth' => array(
'authenticate' => array(
'Form' => array(
'userModel' => 'User',
'fields' => array(
'username' => 'user_name',
'password' => 'password'
)
)
),
'loginAction' => array('controller' => 'users', 'action' => 'login'),
'loginRedirect' => array('controller' => 'users', 'action' => 'dashboard'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
'authError' => 'You don\'t have access here.',
/*
'loginAction' => array('controller' => 'users', 'action' => 'forgot_password'),
'loginRedirect' => array('controller' => 'users', 'action' => 'dashboard'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'forgot_password'),
'authError' => 'You don\'t have access here.',
*/
),
);
I make something horribly wrong in Cake 2.3.6 stable. I followed the Auth tutorial and added in the AppController:
public function beforeFilter() {
$this->Auth->allow('index', 'view');
}
But when I enter the site on the homepage, cake throws that I´m not authorized to access that location.
With no effect I tried in the PagesController:
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('index');
}
I double checked the tutorial and my code, there are no differences except I had to swap "$this->Post" with "$this->Calclulation" in CalculationsController.
Furthermore the login- and logout-redirects in AppController doesn´t work.
public $components = array(
'Session',
'Auth' => array(
'loginRedirect' => array('controller' => 'calculations', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'pages', 'action' => ''),
'authorize' => array('Controller')
)
);
How could it be solved? Thanks in advance :)
Please, check default routers. app/Config/routes.php
Router::connect('/', array('controller' => 'pages', 'action' => 'display', 'home'));
Router::connect('/pages/*', array('controller' => 'pages', 'action' => 'display'));
this mean, that home page is actulay rendered by pages controller and action display,
so, you should allow display
$this->Auth->allow('display');
Firstly, I understand there have been many questions and solutions about this but none I've found fix my issue.
In summary, the Html helper is not reverse routing correctly and instead of URLs like this:
http://website.com/user_of_website/slug_name
I get URLs like this:
http://website.com/things/view/username:user_of_website/slug:a_thing
Here is my router setup:
Router::connect('/', array('controller' => 'pages', 'action' => 'display', 'home'));
/**
* ...and connect the rest of 'Pages' controller's urls.
*/
Router::connect('/pages/*', array('controller' => 'pages', 'action' => 'display'));
//User routes
Router::connect('/login', array('controller' => 'users', 'action' => 'login'));
Router::connect('/logout', array('controller' => 'users', 'action' => 'logout'));
Router::connect('/register', array('controller' => 'users', 'action' => 'add'));
Router::connect('/users/:action/*', array('controller' => 'users'));
Router::connect('/things/:action/*', array('controller' => 'things'));
Router::connect(
'/:username/:slug',
array(
'controller' => 'things',
'action' => 'view'
),array(
'username' => '[a-zA-Z0-9_]+',
'slug' => '[a-zA-Z0-9_]+',
'pass'=>array(
'username',
'slug'
)
)
);
Router::connect('/:userName', array('controller' => 'things', 'action' => 'user'),array('pass'=>array('userName')));
And my Html helper:
echo $this->Html->link('View', array(
'controller' => 'things',
'action' => 'view',
'username' => 'user_of_website',
'slug' => 'a_thing'
),array(
'class' => 'text-warning'
));
I really can't see what I'm doing wrong. Any help greatly appreciated.
NB, I'm using CakePHP 2.3
Have you tried if it works if you disable the 'regular' routes for things? E.g. /things/:action/*.
My guess is that, because of the wildcard, this route will match the URL as well, and, because it is defined before your custom route, will be matched in stead.
If that resolves the problem, you may try to move that route below your 'custom' route