More and more bizarre. When I removed the isAuthorized() *and* the
login() methods, I can still log in.

AppController:

function beforeFilter()
{
        $this->Auth->fields = array('username' => 'email', 'password' => 
'password');
        //$this->Auth->authorize = 'controller';
        $this->Auth->loginAction = array('controller' => 'users', 'action' => 
'login');
        $this->Auth->logoutRedirect = '/';
        $this->Auth->autoRedirect = true;
        $this->Auth->userScope = array('User.enabled' => 1);
}

class UsersController extends AppController {

        var $name = 'Users';

        function beforeFilter()
        {
                parent::beforeFilter();
                $this->Auth->allow('logout', 'newPassword');
        }
        function login()
        {
                die(debug('WTF?'));
        }

Why/how can I log in successfully?

On Thu, Jul 3, 2008 at 12:32 PM, b logica <[EMAIL PROTECTED]> wrote:
> I'm having some trouble figuring out how to log in. I thought I had
> this working but it turns out not to be the case.
>
> From what I understand, the isAuthorized() method is called *after* a
> successful login. But it seems that its presence causes login() to be
> skipped entirely. My AppController has the following:
>
> function beforeFilter()
> {
>        $this->Auth->fields = array('username' => 'email', 'password' => 
> 'password');
>        $this->Auth->authorize = 'controller';
>        $this->Auth->loginAction = array('controller' => 'users', 'action' => 
> 'login');
>        ...
> }
>
> function isAuthorized()
> {
>        if (isset($this->params[Configure::read('Routing.admin')]))
>        {
>                if ($this->Auth->user('model') != 'Admin')
>                {
>                        return false;
>                }
>        }
>        return true;
> }
>
> For the moment, I don't require any particular controller to have is
> Authorized(). In my UsersController, I have a login method that sets a
> few things in the session. But, I found that the method was not even
> being used in order to login. When I temporarily changed the name of
> the above isAuthorized(), the login() would be called. However, I'd
> then be faced with the "You are not authorized ..." msg.
>
> When I commented out the $this->Auth->authorize = 'controller'; line
> in beforeFilter(), I was able to log in, though the UsersController
> login() is not used. What the heck is going on here?
>
> So, it seems that I have a bit of chicken & egg situation. What's the
> proper way to use this?
>

--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups 
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to [EMAIL PROTECTED]
For more options, visit this group at 
http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---

Reply via email to