-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Tom,
I'm using beforeFilter in my app/app_controller.php to check for existence of a valid_login entry in my cake session. That valid_login entry gets set from my app/controllers/users_controller. When a user tries to hit a protected section of my application (which is all parts of my app), app_controller's beforeFilter redirects them to /users/login unless that valid_login entry exists in my cake session. This /users/login action is where I present a form requesting username and password, when there is no post data, or verify the posted username and password as valid. I'm making use of http://www.openwall.com/phpass/ for password hashing. Hope this helps, Darian tom wrote: > Hi, > > I'm very experienced with PHP and somewhat experienced with CakePHP. > I'm interested in building a simple app, but one of the things that I'm > not sure how to do is user authentication. Is there a best practice for > this? It seems like some people use rdAuth, which might be broken, and > some use Access Control Manager, which is definitely broken, and some > build their own with dbACL, but there's no documentation for that (or > for the other two options.) Is there a good way to go about this? > > Thanks, > > Tom > > > > - -- Darian Anthony Patrick <[EMAIL PROTECTED]> -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.2.2 (GNU/Linux) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iD8DBQFEXriTKpzEXPWA4IcRAtAuAJ0fuXGywiBP4ws8+GVftFME2uWZ/gCeN/FI KqrD1vJe30zRNFLcFmfFnyA= =C2tO -----END PGP SIGNATURE----- --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php -~----------~----~----~----~------~----~------~--~---
