Since I'm no expert in the Auth component, let me just sing you the song of my
code.
file: routes.php

    Router::connect('/users/login', array(
        'controller' => 'users',
        'action' => 'login',
        'prefix' => 'admin',
        'admin' => true
    ));

file: AppController.php

    public $components = array(
        'Auth' => array(
            'authorize' => 'Controller',
            // this forces admin_login to be the only login method regardless of prefix
            'loginAction' => array(
                'controller' => 'users',
                'action' => 'login',
                'prefix' => 'admin',
                'admin' => true
            )
        )
    );

    public function beforeFilter() {
        if (isset($this->params['prefix'])
            && in_array($this->params['prefix'], array('admin', 'editor'))) {
            // not relevant to question, but useful:
            Configure::write('Session.timeout', 60 * 4);
            $this->layout = 'admin';
            $this->Auth->deny();
        } else {
            Configure::write('Session.timeout', 60 * 48);
            $this->layout = 'default';
            $this->Auth->allow('*');
        }
    }

    public function isAuthorized($user = null) {
        // Any registered user can access public functions
        if (empty($this->request->params['admin'])
            && empty($this->request->params['editor'])) {
            return true;
        }
        // Only admins can access admin functions
        if (isset($this->request->params['admin'])) {
            return (bool)($user['role'] === 'admin');
        }
        // Only editors can access editor functions
        if (isset($this->request->params['editor'])) {
            return (bool)($user['role'] === 'editor');
        }
        // Default deny
        return false;
    }

This works for me (but test it anyways). I'm using 'admin' and 'editor',
but login is always done through *UserController::admin_login()* method,
regardless of prefix.
The login route is always */users/login*, without the prefix.
Is this what you were searching for?
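
The decision order of the isAuthorized() posted above, run over a small matrix of constructed requests and roles. This is an added example, not part of the original post; the function names and sample params are hypothetical. It includes one assumed case where a prefix key is present but set to false, which is where isset() and empty() disagree, alongside a variant that treats a prefix as active only when its key is truthy.

```php
<?php
// Added example: function names and request params below are constructed.

// Same branch order as the posted isAuthorized(): empty() first, then isset().
function authorizePosted(array $params, array $user) {
    if (empty($params['admin']) && empty($params['editor'])) {
        return true; // no prefix active: any logged-in user
    }
    if (isset($params['admin'])) {
        return $user['role'] === 'admin';
    }
    if (isset($params['editor'])) {
        return $user['role'] === 'editor';
    }
    return false; // default deny
}

// Variant: a prefix counts only when its key is truthy, so a key that is
// present but false cannot select the wrong role check.
function authorizeStrict(array $params, array $user) {
    $role = isset($user['role']) ? $user['role'] : null;
    foreach (array('admin', 'editor') as $prefix) {
        if (!empty($params[$prefix])) {
            return $role === $prefix;
        }
    }
    return true; // no prefix active: public action
}

// Constructed request params. The last row is an assumption: a request on
// the editor prefix whose params also carry 'admin' => false.
$requests = array(
    'public'              => array(),
    'admin'               => array('admin' => true),
    'editor'              => array('editor' => true),
    'editor, admin=false' => array('admin' => false, 'editor' => true),
);
$users = array(
    array('role' => 'admin'),
    array('role' => 'editor'),
    array('role' => 'author'),
);

printf("%-22s %-8s %-7s %-7s\n", 'route params', 'role', 'posted', 'strict');
foreach ($requests as $label => $params) {
    foreach ($users as $user) {
        printf("%-22s %-8s %-7s %-7s\n", $label, $user['role'],
            authorizePosted($params, $user) ? 'allow' : 'deny',
            authorizeStrict($params, $user) ? 'allow' : 'deny');
    }
}
```

Rows where the two columns differ are the ones to check against the params your routes actually produce (for example by logging $this->request->params in beforeFilter).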