What works for me is the following:
1. Put all Auth settings in the App controller
2. Set $this->Auth-allow('all') in each controller's beforeFilter(),
calling parent::beforeFilter() first
3. Test your code one controller at a time and limit access step by step
Wim
On Thu, Sep 9, 2010 at 9:23 PM, cricket <[email protected]> wrote:
> On Thu, Sep 9, 2010 at 12:57 AM, Chuck <[email protected]> wrote:
> > The only beforeFilter that I'm using is in the users_controller. I
> > tried moving it to the app_controller but then it was't authenticating
> > even with the correct password.
>
> Perhaps there was another problem. But some of Auth's config should be
> set in AppController so that, eg, it'll know where to redirect if a
> user tries to access a restricted controller action other than in
> users. The manual is not clear on that point. You can set fields,
> loginRedirect, and logoutRedirect in users. But loginAction should be
> set in AppController.
>
> > I wasn't quite clear with the fact that pages/home flashes briefly. I
> > don't see the page flash, only the URL in the address bar.
>
> OK, that makes sense.
>
> > For the time being I'm removing all the auth code, but if someone can
> > point out how to do the following, I would really appreciate it.
> >
> > I have a users table with an email field to be used as the ID and a
> > password field. Eventually the system would do the following: If no
> > user is logged in, login fields appear in the top right of the screen
> > for pages that are viewable without being logged in. If they are
> > viewing those pages while being logged in, they see links for account
> > settings, etc. If a user requests a page that requires them being
> > logged in, it redirects to the home page. That's pretty much all I
> > want, but can't even get the login to work. I've searched for
> > tutorials and found a few, but none have yet helped me out.
>
> Here's a really basic setup. I've put some of Auth's config in users,
> as you've been doing.
>
> AppController:
>
> public $components = array('Auth', 'Session');
>
> public function beforeFilter()
> {
> parent::beforeFilter();
> $this->Auth->loginAction = array(
> 'controller' => 'users',
> 'action' => 'login'
> );
> }
>
>
> UsersController:
>
> public function beforeFilter()
> {
> parent::beforeFilter();
>
> $this->Auth->fields = array(
> 'username' => 'email',
> 'password' => 'password'
> );
>
> $this->Auth->loginRedirect = array(
> 'controller' => ...,
> 'action' => ...
> );
>
> $this->Auth->logoutRedirect = array(
> 'controller' => ...,
> 'action' => ...
> );
> }
>
>
>
> layout (explained below):
>
> <?php
> if ($this->params['action'] != 'login') echo
> $this->element('users/login_form');
> ?>
>
> views/users/login.ctp:
>
> <h2>login</h2>
>
> <div id="login">
> <?= $this->element('users/login_form') ?>
> </div>
>
>
> views/elements/users/login_form.ctp:
>
> echo $form->create('User', array('action' => 'login'));
> ...
> echo $form->end();
>
>
> So, the layout includes the login form in every page, except the login
> page, where the form is included into the main body. If a person tries
> logging in--and fails--from any regular page, Auth will redirect to
> the login page.
>
> I'm not satisfied with the test in the layout. It really should be
> testing Router's URL array against Auth::loginAction. But I couldn't
> come up with a way to do that in the layout. So, testing the
> params['action'] string is a tiny cheat.
>
> Check out the new CakePHP Questions site http://cakeqs.org and help others
> with their CakePHP related questions.
>
> You received this message because you are subscribed to the Google Groups
> "CakePHP" group.
> To post to this group, send email to [email protected]
> To unsubscribe from this group, send email to
> [email protected]<cake-php%[email protected]>For
> more options, visit this group at
> http://groups.google.com/group/cake-php?hl=en
>
Check out the new CakePHP Questions site http://cakeqs.org and help others with
their CakePHP related questions.
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to [email protected]
To unsubscribe from this group, send email to
[email protected] For more options, visit this group at
http://groups.google.com/group/cake-php?hl=en
