I just followed the tutorial in the book. The only custimization I made was
was using the email field instead of the username field.
Here is my AppController:
class AppController extends Controller {
public $uses = array('User');
public $components = array(
'Session',
'Auth' => array(
'loginRedirect' => array('controller' => 'posts', 'action' =>
'index'),
'logoutRedirect' => array('controller' => 'pages', 'action' =>
'display', 'home')
)
);
public function beforeFilter() {
$this->Auth->allow('index', 'view');
$this->set('logged_in', $this->Auth->LoggedIn());
$this->set('current_user', $this->Auth->user());
//debug($this->Session->read('Auth.User'));
}
public function isAuthorized($user) {
return TRUE;
}
}
And here is my Users/login action:
public function login() {
if ($this->request->is('post')) {
if ($this->Auth->login($this->request->data)) {
return $this->redirect($this->Auth->redirect());
} else {
$this->Session->setFlash(__('Username or password is
incorrect'), 'default', array(), 'auth');
}
}
}
The beforeFilter in my Users controller:
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->fields = array('username' => 'email', 'password' =>
'password');
$this->Auth->allow('add', 'logout');
}
On Wednesday, June 20, 2012 12:31:35 AM UTC-6, Борислав Събев wrote:
>
> This could be the case - a wrongly implemented Authentication system. @Joey
> Hauschildt $this->Auth->user() and the "Auth.User" Session key should both
> return/contain the full user information - i.e. all fields from the users
> DB table. This behaviour is strange. Can you provide more info on your
> exact implementation.
>
> Cheers,
> Borislav.
>
>
> On Wednesday, 20 June 2012 00:36:24 UTC+3, Max Dörfler wrote:
>>
>>
>> http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#identifying-users-and-logging-them-in
>>
>> "In 2.0 $this->Auth->login($this->request->data) will log the user in
>> with whatever data is posted, whereas in 1.3
>> $this->Auth->login($this->data) would try to identify the user first and
>> only log in when successful."
>>
>> I assume you are yousing 2.x. I guess this is what you are looking for.
>> Call login() without params.
>>
>> On 06/19/2012 11:18 PM, Joey Hauschildt wrote:
>>
>> I am. All passwords in the db are hashed. The problem seems to be that
>> instead of getting info from the users table, it is only filling
>> debug($this->Session->read('Auth.User'));
>> and debug($this->Auth->User()) with data from the form. Otherwise the
>> password would be hashed. It has nowhere else to get an unhashed password
>> from. This seems like a pretty poor choice for default behavior. I would
>> prefer that my app didn't store passwords from the form anywhere.
>>
>> On Tuesday, June 19, 2012 2:50:45 PM UTC-6, Jeremy Burns wrote:
>>>
>>> You should be hashing the password before saving it.
>>>
>>> Jeremy Burns
>>> Class Outfit
>>>
>>> http://www.classoutfit.com
>>>
>>> On 19 Jun 2012, at 19:41:30, Joey Hauschildt wrote:
>>>
>>> debug($this->Session->read('Auth.User'));
>>> and debug($this->Auth->User()); both return:
>>>
>>> array(
>>> 'User' => array(
>>> 'password' => '*****',
>>> 'email' => '[email protected]'
>>> )
>>> )
>>>
>>> These are the fields that the user uses to log in. The password isn't
>>> even hashed. When I print_r, it displays the actual password. I would like
>>> to have access to other user info like an ID or role. Do I need to use my
>>> own query to get this info or should the Auth Component be grabbing that
>>> stuff for me?.
>>>
>>> --
>>> Our newest site for the community: CakePHP Video Tutorials
>>> http://tv.cakephp.org
>>> Check out the new CakePHP Questions site http://ask.cakephp.org and
>>> help others with their CakePHP related questions.
>>>
>>>
>>> To unsubscribe from this group, send email to
>>> [email protected] For more options, visit this
>>> group at http://groups.google.com/group/cake-php
>>>
>>>
>>> --
>> Our newest site for the community: CakePHP Video Tutorials
>> http://tv.cakephp.org
>> Check out the new CakePHP Questions site http://ask.cakephp.org and help
>> others with their CakePHP related questions.
>>
>>
>> To unsubscribe from this group, send email to
>> [email protected] For more options, visit this group
>> at http://groups.google.com/group/cake-php
>>
>>
>>
--
Our newest site for the community: CakePHP Video Tutorials
http://tv.cakephp.org
Check out the new CakePHP Questions site http://ask.cakephp.org and help others
with their CakePHP related questions.
To unsubscribe from this group, send email to
[email protected] For more options, visit this group at
http://groups.google.com/group/cake-php
