Authentication & Authorization in CakePHP 2.0

Wed, 26 Oct 2011 14:41:56 -0700 

Hello,

I am a CakePHP newbie. I am implementing login features using
Authentication Component (User model). It works good. However I am
facing problem in Authorization and Statefulness features. Once I am
logged in I am unable to browse to other pages as user seems to be not
logged in.

This is my component variable in AppController:

public $components = array(
        'Session',
        'Auth' => array(
            'loginAction' => array('controller' => 'users', 'action'
=> 'login'),
            'loginRedirect' => array('controller' => 'users', 'action'
=> 'index'),
            'logoutRedirect' => array('controller' => 'home', 'action'
=> 'index'),
            'authError' => 'Did you really think you are allowed to
see that?',
            'authenticate' => array(
                'Form' => array('fields' => array('username' =>
'email', 'password' => 'password')),
                'Basic' => array('userModel' => 'Users.User', 'fields'
=> array('username' => 'email', 'password' => 'password'))
             ),
            'authorize' => array('Controller')
        )
    );

//AppController beforeFilter
function beforeFilter() {

        $this->Auth->autoRedirect = false;
        $this->Auth->userModel = 'User';
        $this->Auth->allow('index', 'view');
    }

//AppController isAuthorized
public function isAuthorized($user) {

        if (isset($user['role']) && $user['role'] == 'admin') {
             return true; //Admin can access every action
        }
        return false; // The rest don't
    }

The user I log in has the role of "admin" set in DB. The user is able
to login properly get redirected to index and then I try to use the
edit feature in the UsersController for which he should be authorized
but apparently instead I get redirected to login page again with the
message "You are not authorized!"

I would be grateful if somebody could chime in and help or provide
pointers as to what I could be doing wrong?

Thanks in advance.

Anand

-- 
Our newest site for the community: CakePHP Video Tutorials 
http://tv.cakephp.org 
Check out the new CakePHP Questions site http://ask.cakephp.org and help others 
with their CakePHP related questions.


To unsubscribe from this group, send email to
[email protected] For more options, visit this group at 
http://groups.google.com/group/cake-php

Reply via email to