I'm using CakePHP 2.10.9 version and trying to use token-based authentication instead of session-based authentication.
I couldn't find any information on how to use JWT with CakePHP 2.x.
Here is what I have tried so far. As a first step, I downloaded the plugin t73biz/cakephp2-jwt-auth and added this into the folder app/Plugin/JwtAuth. As mentioned in the usage(https://github.com/t73biz/cakephp2-jwt-auth), I added below configuration in the app/Controller/AppController.php
var $components = array(
'Auth' => array(
'authenticate' => array(
'JwtAuth.JwtToken' => array(
'fields' => array(
'username' => 'username',
'password' => 'password',
'token' => 'public_key',
),
'parameter' => '_token',
'userModel' => 'User',
'scope' => array('User.active' => 1),
'pepper' => 'sneezing',
),
),
),'Session','RequestHandler','Email','Flash');
From my past experience with Plugin's, I knew I'm supposed to include the plugin in bootstrap.php.
CakePlugin::load('JwtAuth');
I don't know what am I supposed to do after this. Could someone guide me?
I think you didn't read the the Authentication part
=> The query string parameter defined as parameter in the config array (defaults to _token)
=>The contents of the header defined as header in the config array (defaults to X_JSON_WEB_TOKEN)
It means when you access any method then you have to pass the JWT toekn with query params or Header request.
Sample Query params:
http://example.com/users/add?_token=THEJWTWEVTOKEN
Related
I'm using zf2 apigility in my web application. With production mode, if config_cache_enabled is true in config/application.config.php, I get this message error when requesting access_token:
The storage configuration for OAuth2 is missing
If I set it to false, I get my access token.
So my problem is to have config_cache_enabled set to true and a successful request for getting the access token in production mode, due to best performance when configuration is cached. How to do that ?
This is my zf-mvc-auth configuration :
'zf-mvc-auth' => array(
'authentication' => array(
'adapters' => array(
'CustomStorage' => array(
'adapter' => 'ZF\\MvcAuth\\Authentication\\OAuth2Adapter',
'storage' => array(
'storage' => 'Application\\Adapter\\OAuth\\CustomPdoAdapter',
'route' => '/oauth',
),
),
),
),
),
This is my oauth2.local.php :
'zf-oauth2' => array(
'db' => array(
'dsn' => 'mysql:dbname=mydatabase;host=localhost',
'username' => 'root',
'password' => '',
),
'allow_implicit' => true,
'access_lifetime' => 3600,
'enforce_state' => true,
'storage' => 'Application\Adapter\OAuth\CustomPdoAdapter',
'storage_settings' => array(
'user_table' => 'users',
),
'options' => array(
'always_issue_new_refresh_token' => true,
),
),
I think it is well configured.
Did you setup your zf-mvc-auth correctly. In the module.config.php you can read that you have to define a storage key. There is also written how you can do this:
To specify the storage instance, you may use one of two approaches:
Specify a "storage" subkey pointing to a named service or an array
of named services to use.
Specify an "adapter" subkey with the value "pdo" or "mongo", and
include additional subkeys for configuring a ZF\OAuth2\Adapter\PdoAdapter
or ZF\OAuth2\Adapter\MongoAdapter, accordingly. See the zf-oauth2
documentation for details.
If you are on production mode and "config_cache_enabled" it's true, you need to delete files on data/cache folder
In one laravel project, I would have two auth method:
API client authentication (to check if client can query the API) with dedicated eloquent model (something like APIUser)
User authentication (to check user credential) with another dedicated model (Something User)
I would like to authenticate through first auth system then check a user credential through second auth system. Example :
curl -u a:b myapi/?user=c&pass=d
So a&b are login and password for API client authentication and c&d are login and password for user authentication. What can be the best way to do that: create a multi-auth system ? or consider only one system is for auth, the other is just querying database ? or something else ? (hope my question is clear enough, I can edit if you need)
Multiauth works like a build-in laravel auth, but allow few independent auth sessions (you can login on first, second or both accounts).
Use Ollieread's MultiAuth extension for Laravel. It sets everything up for you. Just open up the file app/config/auth.php and replace this array:
return array(
'driver' => 'eloquent',
'model' => 'User',
'table' => 'users',
'reminder' => array(
'email' => 'emails.auth.reminder',
'table' => 'password_reminders',
'expire' => 60,
),
);
with
return array(
'multi' => array(
'admin' => array(
'driver' => 'eloquent',
'model' => 'Admin'
),
'user' => array(
'driver' => 'database',
'table' => 'users'
)
),
'reminder' => array(
'email' => 'emails.auth.reminder',
'table' => 'password_reminders',
'expire' => 60,
),
);
Of course, you can add as many as you want. Then copy paste the default User.php model for your Admin.php table.
Hai i am new to the cakephp.I have designed login page and signup page using CakePhp.I have been added 2 to 3users information in the users table.Now i want to login with register user Email and password.How can i login with email instead of username using authentication?.I am using the cakephp version 2.4.2.Can u please help me?Thanks in advance.
Possible duplicate
Try configure it with:
public $components = array(
'Auth' => array(
'authenticate' => array(
'Form' => array(
'fields' => array('username' => 'email')
)
)
)
);
See also Configuring Authentication handlers in the cookbook.
All Credits to: dhofstet
Auth is probably one of the most confusing parts of CakePHP when first introduced,
You need to change 'username'=>'username' to 'username'=>'email'
Below is a snippet out of one of my current projects, we use the email field instead of the username.
I would also suggest this video on CakePHP 2.0 Auth :
http://www.youtube.com/watch?v=zvwQGZ1BxdM
The Video Tutorials helped me a lot when beginning with CakePHP.
public $components = array(
'Auth' => array(
'loginAction' => array(
'controller' => 'user',
'action' => 'signin'
),
'loginRedirect' => '/',
'authError' => 'Did you really think you are allowed to see that?',
'userModel' => 'User',
'authenticate'=>array(
'Form'=>array(
'fields'=>array(
'username'=>'email',
'password'=>'password'
)
)
)
)
);
When user access unauthorized url in my application, CakePHP execute too many redirects.
I don't know why.
I try set the parameters unauthorizedRedirect and redirectUrl, but doesn't work.
AppController.php
public $components = array(
'DebugKit.Toolbar',
'Session',
'Acl',
'Auth' => array(
'unauthorizedRedirect ' => false,
'loginAction' => array('controller' => 'users', 'action' => 'login'),
'authenticate' => array(
'Form' => array(
'userModel' => 'User',
'fields' => array('username' => 'nickname', 'password' => 'password_hash')
),
),
'authorize' => array(
'Actions' => array('actionPath' => 'controllers/')
)
// 'authError' => 'This error shows up with the user tries to access a part of the website that is protected',
)
);
Change this
"actionPath" => "controllers/"
into this
"actionPath" => "Controllers/"
I'm quite sure that you are on a case sensitive OS.
Another thing to setup it's the "loginRedirect" and the "logoutRedirect" statements: at the moment, if you login into the users/login action you will be redirected to the same action again and again. For a testing purpose I'd recommend you to set both of them to the root just adding this to your code:
'loginRedirect' => '/',
'logoutRedirect' => '/'
firstly check that is users/login action can display content to unauthorized user ? Use $this->Auth->allow(array('login', 'logout') in user controller. If you use Acl and Action authorize, check that anonymus has permission to see this user/login page.
I'm developing a Controller that manages two kind of Login:
Email and Password
Email
the second type only has the email field. The reason is that a third party provider gives me the email of the user that is logged but I also need to check if that email exists in my database.
So I have two type of authentications, the question is:
Can I use Auth for the second type? (only email check)
Thank you
I dont see the reason to use Auth here (you are abusing the whole Auth mechanism with this approach. it is also just a huge overhead to handle a simple lookup).
just use find(first) to check if the email exists and use the result accordingly. thats all there is to it.
You can see in this link:
http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#configuring-authentication-handlers
<?php
// Pass settings in $components array
public $components = array(
'Auth' => array(
'authenticate' => array(
'Form' => array(
'fields' => array('username' => 'email')
)
)
)
);
This for me works fine for you!
read this
http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html
try this:-
<?php
// Pass settings in $components array
public $components = array(
'Auth' => array(
'loginAction' => array(
'controller' => 'users',
'action' => 'login',
'plugin' => 'users'
),
'authError' => 'Did you really think you are allowed to see that?',
'authenticate' => array(
'Form' => array(
'fields' => array('username' => 'email')
)
)
)
);
?>
Or
<?php
// Pass settings in $components array
public $components = array(
'Auth' => array(
'authenticate' => array(
'Form' => array(
'fields' => array('username' => 'email')
)
)
)
);