I set up the basic Authentication/Authorization set up, but a problem now is that every time I try to access the http://localhost:1234/, it requires user to login.
How/Where do I make the Auth->authorize("index") on the main page?
In the beforeFilter() of your controller
add the following piece of code
> $this->Auth->allow('actionname');
for suppose if I want to allow adding/registering of user without logging in then I would do like this in the beforeFilter() function of the users_controller.php file.
> $this->Auth->allow('add');
Inside app_controller.php's beforeFilter():
$this->Auth->authorize("display");
fixed the problem.
for cakephp 1.3 you have to do it now like this:
var $components = array(
'Auth' => array(
'authorize' => 'controller',
'allowedActions' => array('index','**display**');
)
);
And remember that you also can config a router:
Router::connect('/facebook', array('controller' => 'pages', 'action' => '**display**', 'facebook'));
Related
I understand that we can pass settings for a component when we define the component at the start of a controller. Example from the CakePHP 2.0 Cookbook
public $components = array(
'Auth' => array(
'authorize' => array('controller'),
'loginAction' => array(
'controller' => 'users',
'action' => 'login'
)
),
'Cookie' => array('name' => 'CookieMonster')
);
But I usually load components on the fly like so (also from the Cookbook)
$this->OneTimer = $this->Components->load('OneTimer');
While using the second method (loading a component on the fly), how can I pass settings to it so that I can use them in the constructor to correctly setup the component based on the settings?
Any help would be greatly appreciated.
2 minutes after asking the question I looked at the load function in the library and found that settings is the second argument for the function.
public function load($component, $settings = array())
So I just need to supply the settings as the second parameter when I load components on the fly.
In my AppController I have this code for the component
public $components = array(
'Acl',
'Auth' => array(
'authorize' => array(
'Actions' => array('actionPath' => 'controllers')
),
'unauthorizedRedirect' => array(
'controller' => 'member',
'action' => 'index'
)
),
'Session',
'DebugKit.Toolbar'
);
So, unauthorizedRedirect is working fine. I tried to type the URL the user has no access to and fortunately, I am redirected to 'localhost/appname/member/'.
My concern is that, this only applies to one type of logged in user.
Let us say a logged in user tried to access localhost/appname/admin/add_post/. Since only admins have access to that page, the user will be redirected to localhost/appname/member/. What if it's an admin who accessed an unauthorized page? Of course, that admin will have to redirected somewhere, but not to localhost/appname/member/.
How can I solve this?
I believe there are many ways. You are already using the ACL which is one way. Or another "lazy" way to do this is to use the beforeFilter method inside the AppController.
Ok, so after several hours of researching and stuff I was able to come up with a solution.
This is the code for the AppCntroller:
public $components = array(
'Acl',
'Auth' => array(
'authorize' => array(
'Actions' => array('actionPath' => 'controllers')
),
'unauthorizedRedirect' => false
),
'Session',
'DebugKit.Toolbar'
);
What this does is rather than redirecting the user to another page, it will just show 'error400.ctp'.
Now, we don't want to show the default CakePHP error layout so we still have to edit it or make a custom one.
Create a new file under 'View/Layouts/your_error_file.ctp'. After that, go to 'View/Errors/error_file.ctp' and paste the following code:
$this->layout = 'your_error_file'
I'm building an application using CakePHP and trying to incorporate a custom authentication object but it does not seem to be able to find it. I get the following error when I try to log in: "Authentication adapter "LdapAuthorize" was not found". I have created the file app/Controller/Component/Auth/LdapAuthorize.php with my code for my authentication. Near the top of "AppController.php" I have
App::uses('LdapAuthroize', 'Controller/Component/Auth/LdapAuthorize');
and within the AppController class I have
public $components = array(
'Session',
'Auth' => array(
'loginRedirect' => array('controller' => 'pendings', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
'authorize' => array('Controller'),
'authenticate' => array('LdapAuthorize')
)
);
and then in my UsersController.php I have the following login function.
public function login() {
if($this->request->is('post')) {
if($this->Auth->login()) {
// My Login stuff...
}
else
$this->redirect(array('controller'=>'someController', 'action'=>'someAction'));
}
}
If anyone has any idea why it can't seem to load my custom authentication object that would be awesome. Thanks!
I put my custom authentication class inside Controller/Component/Auth. For example, the name of my class is CustomUserAuthenticate and the path to the file is,
Controller/Component/Auth/CustomUserAuthenticate.php.
Then in my AppController I added the following to the authenticate array,
class AppController extends Controller {
public $components = array(
'Auth' => array(
/** Any other configuration like redirects can go here */
'authenticate' => array(
'CustomUser'
)
)
);
}
The string in the authenticate array must match the name of the class except for the Authenticate word.
My CustomUserAuthenticate class extends CakePHP's Controller/Component/Auth/BaseAuthenticate and overrides the authenticate method. CakePHP's documentation states that this is not required. I haven't tried that way.
I think your App::uses() is wrong so it can't find the class. Your current code:
App::uses('LdapAuthroize', 'Controller/Component/Auth/LdapAuthorize');
Is trying to find Controller/Component/Auth/LdapAuthorize/LdapAuthroize.php
The first parameter is the class name (you have a typo with that), the second is just the path to the directory containing the class, you don't need to add the class name again.
Try this:
App::uses('LdapAuthorize', 'Controller/Component/Auth');
I want following SEO url like:
www.example.com/users/profile/webfacer
I do not want to use the unique user to fetch from database.
I try to use the Router method connect in my AppController. but I realised that it isn't possible (or not knowing it right now to use it in their also used in routes.php does not helped) like this:
//in AppController
Router::connect('/users/profile/:name',
array(
'controller' => 'users',
'action' => 'profile'
) ,
array(
'pass' => array('id', 'name'),
'id' => '[0-9]+'
)
);
How can I reproduce this link (below the example) with this html link helper to send the id but not show it in the url:
$this->Html->link('webfacer',array(
'controller'=>'users',
'action'=>'profile',
'id'=>1,
'name'=>'webfacer'
));
This would output www.example.com/users/profile/username:webfacer that mean my router doesn't appear to my route options.
Has anybody had the same issues and solved this?
Because you haven't put the :id argument in your route string, Cake won't know what to do when you pass it in the helper, that is why it's just appending it as a normal param in the URL. There is no way to pass a "hidden" id with the URL, you're best bet is to either expose it or at the other end of the app write something that fetches the ID based on the username you pass (make sure this column is indexed and url-safe).
I would just simplify your route to this:
//in AppController
Router::connect('/users/profile/:name',
array(
'controller' => 'users',
'action' => 'profile'
) ,
array('pass' => array('name'),
)
);
And don't bother passing ID to the helper. In your profile action you'd just have something like this:
public function profile($name) {
$user = $this->User->find('first', array('conditions' => array('name' => $name)));
}
After migrating a fully functional Cake 1.3 application to the recently released 2.0 version Authentication has ceased to work.
I've changed the calling of the AuthComponent and the structure of the login action according to the updated 2.0 manual, to no avail. The strange thing is the user is actually validated by $this->Auth->login() as it reaches the part of the login function where the user is redirect to the url set by $this->Auth->redirect(). After that redirect however, $this->Auth->user() returns empty (as well as AuthComponent::user()) and the user isn't logged in by the Auth component.
Cake doesn't throw any error during the process, the flash messages for 'auth' remain empty.
Users are stored in a simple database table containing id, username, email, password and timestamp columns. The passwords are hashed and I've added some users using the new Cake 2.0 methods.
This is the code of AppController.php:
<?php
class AppController extends Controller {
public $helpers = array('Session', 'Html', 'Time', 'Form', 'Text');
public $components = array('Session', 'RequestHandler', 'Auth');
public function beforeFilter() {
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
$this->Auth->loginRedirect = array('controller' => 'maps', 'action' => 'index');
$this->Auth->logoutRedirect = array('controller' => 'maps', 'action' => 'index');
}
}
?>
UserController.php:
<?php
class UsersController extends AppController {
public $name = 'Users';
function beforeFilter() {
parent::beforeFilter();
}
function login() {
if ($this->request->is('post')) {
if ($this->Auth->login()) {
return $this->redirect($this->Auth->redirect());
}
}
}
function logout() {
$this->redirect($this->Auth->logout());
}
}
?>
User.php model. I've disabled form validation for the time being after I solve this problem:
<?php
class User extends AppModel {
public $name = 'User';
}
?>
The login view:
<?php
echo $this->Form->create('User');
echo $this->Form->input('username', array('label' => 'Username', 'before' => '<p class="input" id="username">', 'after' => '</p>', 'between' => '<br />', 'div' => false));
echo $this->Form->input('password', array('label' => 'Password', 'before' => '<p class="input" id="password">', 'after' => '</p>', 'between' => '<br />', 'div' => false));
echo $this->Form->end('Login');
?>
I also tried to setting some of the Auth features in the $components variable in the AppController, which didn't work as well:
public $components = array(
'Auth'=> array(
'loginAction' => array(
'controller' => 'users',
'action' => 'login',
),
'loginRedirect' => array(
'controller' => 'maps',
'action' => 'index',
),
'authenticate' => array(
'Form' => array(
'fields' => array('username', 'password')
)
)
)
);
What's causing the problem here? Routing maybe? I've commented out all routes except:
require CAKE . 'Config' . DS . 'routes.php';
UPDATE:
After adding some debug statements in the login method in the UsersController I now know $this->Auth->user() is actually populated with the correct user after the call to $this->Auth->login(). After the redirect to another controller the login session is lost completely, however. So I still don't know what's going wrong here.
UPDATE 2
I've restarted the process of migrating by taking my working 1.3 application and running the migration console script on it like I did the last time.
This time I noticed the script stopped because of two errors relating to custom components. Component classes should extend Component now, instead of the 1.3 default: Object.
After fixing these component errors I ran the migration script again (something I neglected to do during the first migration attempt) and implemented the new AuthCompenent call. So far everything seems to be working correctly. Not sure what's different now and what went wrong the first time, as Cake didn't output any error messages.
UPDATE 3
It's getting weirder. I thought I solved it, but after transferring my code to another development machine Auth suddenly stops working. It's working on my main setup, but while testing on another it fails again following the same scenario. I've cleared the cache to be sure, but it still isn't working. Cake doesn't generate any error output.
UPDATE 4
It appears to be a Session problem on my machine. I've just set the Session to be stored in a cookie and suddenly Auth starts working again. Not sure why the default Session isn't working and I don't know where to start debugging in that case.
Only cookie sessions appear to work, defining a database session has the same result as a regular session; Auth stops working.
Try it with use_trans_sid enabled in /Config/core.php:
Configure::write('Session', array(
//'defaults' => 'php'
'defaults' => 'cake',
'cookie' => 'CAKEPHP2',
'ini' => array('session.use_trans_sid' => true)
));
Did you try also to configure the Authentication handler ?
public $components = array(
'Auth'=> array(
'authenticate' => array('Form')
)
);