I'm strangling with a simple matter :
How to tell Cake to use a different Session configuration for different prefix (routes).
I have the main domain www.domain.tdl and I don't want the prefix couriers (www.domain.tdl/couriers) to use the same Session configuration to avoid Authentification problems : the main domain and prefix use different Authentification configurations.
So, in my App.php, the Session config is :
'Session' => [
'defaults' => 'cake',
'timeout' => 24 * 60, //in minutes,
'cookie' => 'app_bo',
// "cookiePath" => "/mrbo", (tried with or without)
'ini' => [
"session.name" => "MR_BO",
]
],
And I thought I could change the config in the AppController of the prefix :
src/Controller/Couriers/AppController.php
Configure::write('Session', [
'defaults' => 'cake',
'timeout' => 24 * 60, //in minutes,
'cookie' => 'app_courier',
"cookiePath" => "/mrcourier",
'ini' => [
"session.name" => "MR_COURIER",
]
]);
ini_set('session.cookie_name', 'app_courier');
ini_set('session.cookie_path', '/mrcourier');
ini_set('session.name', 'MR_COURIER');
Using only Configure::write did not work, that's why I added ini_set (seems like it update only internal CakePhp configuration).
By doing so, its works and not works. Indeed, I see that the domain and the prefix don't use the same, but when I tried to log in in the prefix page, nothing, it redirect to itself.
I think it's because CakePHP use Session internally before my settings in the prefix AppController.
EDIT
Here is the Auth component loading : (the one for the prefix is quit the same, only the controller model/controller change)
$this->loadComponent('Auth', [
'authorize' => ['Controller'],
'authenticate' => [
'Custom' => [
'passwordHasher' => [
'className' => 'Legacy',
],
'userModel' => 'Establishments',
'fields' => array('username' => 'login', 'password' => 'password'),
"salt" => "salt" // Relative field for SALT
],
],
'loginAction' => [
'controller' => 'establishments',
'action' => 'login'
],
'loginRedirect' => [
'controller' => 'pages',
'action' => 'dashboard'
],
'logoutRedirect' => [
'controller' => 'establishments',
'action' => 'login',
]
]);
In your auth configuration, use storage param to change Session settings. Use different key for each configuration
$this->loadComponent('Auth', [
'authorize' => ['Controller'],
'storage' => ['className' => 'Session', 'key' => 'Auth.Admin'],
/* ... */
]
);
Related
I am using CakePHP's Auth-component for user-login data and want to associate the users_table with a user_details table. The association works, and if I manually get a user out it works fine, but is it possible to make the auth-component load in the associated table when logging the user in? so far I have tried this with no luck:
$this->loadComponent('Auth', [
'authorize' => ['Controller'],
'authenticate' => [
'Form' => [
'fields' => [
'username' => 'email',
'password' => 'password'
],
'contain' => ['user_details']
]
],
'loginAction' => [
'controller' => 'users',
'action' => 'login'
]
]);
Note the "contain" part - that is where I try to load associated table but with no luck?
Thanks.
contain has been deprecated in favor of 'finder'
so define a finder in your User Table
public function findDetails($query, array $options)
{
return $query
->contain(['UserDetails']);
}
and in the AppController
$this->loadComponent('Auth', [
'authorize' => ['Controller'],
'authenticate' => [
'Form' => [
'fields' => [
'username' => 'email',
'password' => 'password'
],
'finder' => ['details']
]
],
'loginAction' => [
'controller' => 'users',
'action' => 'login'
]
]);
https://book.cakephp.org/3.0/en/controllers/components/authentication.html#customizing-find-query
Hello guy's I newbie in cakephp 3.0. I know little bit cakephp 2.0. I configured my redis with cakephp 2.0 with this help of url But I don't know how to configure in cakephp 3.0 please help me
Since Cakephp 4 is out, I am currently studying it (which seems exists in Cakphp 3 as well) and seems like there is a way to do it. Not tested yet.
Following this: https://book.cakephp.org/4/en/development/sessions.html#cache-sessions
app.php
'Session' => [
'defaults' => 'cache', //Use the Cache class to save session
'handler' => [
'config' => 'session'
]
],
Following this link: https://book.cakephp.org/4/en/core-libraries/caching.html#redisengine-options
app.php
/*
* Configure the cache adapters.
*/
'Cache' => [
'session' => [
'className' => RedisEngine::class,
//`port` The port your Redis server is running on.
//`host` The host your Redis server is running on.
//`database` The database number to use for connection.
//`password` Redis server password.
//`persistent` Should a persistent connection be made to Redis.
//`timeout` Connection timeout for Redis.
//`unix_socket` Path to a unix socket for Redist.
],
],
I am going to test this out later on and make update if needed, but it really seems promising.
Update 2020-05-20: Tested, it work fine
You would set your session to use cache sessions inside the app.php file:
'Session' => [
'defaults' => 'cache'
]
Then, you would set your cache to redis:
'Cache' => [
'default' => [
'className' => 'Redis',
],
]
In vendor\cakephp\cakephp\src\Network\Session.php
you can see the default type of session.
They are listed as php, cake,cache , database.
$defaults = [
'php' => [
'cookie' => 'CAKEPHP',
'ini' => [
'session.use_trans_sid' => 0,
]
],
'cake' => [
'cookie' => 'CAKEPHP',
'ini' => [
'session.use_trans_sid' => 0,
'session.serialize_handler' => 'php',
'session.use_cookies' => 1,
'session.save_path' => TMP . 'sessions',
'session.save_handler' => 'files'
]
],
'cache' => [
'cookie' => 'CAKEPHP',
'ini' => [
'session.use_trans_sid' => 0,
'session.use_cookies' => 1,
'session.save_handler' => 'user',
],
'handler' => [
'engine' => 'CacheSession',
'config' => 'default'
]
],
'database' => [
'cookie' => 'CAKEPHP',
'ini' => [
'session.use_trans_sid' => 0,
'session.use_cookies' => 1,
'session.save_handler' => 'user',
'session.serialize_handler' => 'php',
],
'handler' => [
'engine' => 'DatabaseSession'
]
]
]
Here is cache using default config of Cache. Maybe you want to use defualt as a File Cache.
In app.php
create a new cache config
'redis' => [
'className' => 'Redis',
'server'=>'127.0.0.1',
'port'=>6379
],
Then you can use your new cache config here.
'Session' => [
'cookie' => 'herewego',
'ini' => [
'session.use_trans_sid' => 0,
'session.use_cookies' => 1,
'session.save_handler' => 'user',
],
'handler' => [
'engine' => 'CacheSession',
'config' => 'redis'
]
],
For some reason the CakePHP Auth Component won't let me log out.
Strangely this error occurred only recently and I can't remember changing anything at the Auth Component at my CakePHP 3 app.
Im setting up the Auth component the following way:
$this->loadComponent('Auth', [
'authenticate' => [
'loginAction' => [
'controller' => 'User',
'action' => 'login'
],
'Form' => [
'finder' => 'auth',
'fields' => ['username' => 'email', 'password' => 'password']
],
'storage' => 'Session'
]
]);
$this->Auth->allow();
Login works as expected, but when I logout with $this->Auth->logout() I get the following error:
An Internal Error Has Occurred
Error: Authentication adapter "loginAction" was not found.
Then, when I remove the array 'loginAction' from the Auth Component completely the error changes to Error: Authentication adapter "storage" was not found.
It seems to work though, when I load the component without any params:$this->loadComponent('Auth')
For the login I need my Auth component set up like described above. Its similar like CakePHP does it in its docs: http://book.cakephp.org/3.0/en/controllers/components/authentication.html#configuring-authentication-handlers
Any Ideas why CakePHP wont let me logout anymore all of a sudden?
Oh my! I cant beleave I wasted all those hours...
The Auth params are messed up, thats how they should look like:
$this->loadComponent('Auth', [
'loginAction' => [
'controller' => 'User',
'action' => 'login'
],
'authenticate' => [
'Form' => [
'finder' => 'auth',
'fields' => ['username' => 'email', 'password' => 'password']
],
],
'storage' => 'Session'
]);
I am using Auth component to check user is logged in.
Here is my AppController's initialize function
public function initialize()
{
parent::initialize();
$this->loadComponent('Flash');
$this->loadComponent('Auth', [
'authenticate' => [
'Form' => [
'fields' => [
'username' => 'username',
'password' => 'password'
],
'passwordHasher' => [
'className' => 'Md5',//My own password hasher
]
]
],
'loginAction' => [
'controller' => 'Dashboard',
'action' => 'login'
]
]);
}
Its working fine.But if I stay inactive for few minutes(like 3-5min) and go(click) to a link it sends me login page.It seems session time expired.
How or Where I can increase this time.
Auth component shares Session class
For Cakephp3
At config/app.php we can set the timeout.
'Session' => [
'defaults' => 'php',
'timeout'=>24*60//in minutes
],
For Cakephp2
in your Config/core.php
Configure::write('Session', array(
'defaults' => 'php',
'timeout' => 31556926 //increase time in seconds
));
Auth component shares Session class. For CakePHP 3 you can set session timeout at config/app.php like below:
'Session' => [
'defaults' => 'php',
'timeout' => 1440, /*24 hours*/
],
I have a site with a root domain and several sub domains, each a separate yii2 module. At the moment I have to log into each sub domain individually. I want to be able to log into the root directory and then be automatically logged into each of the sub domains. There are a few pages here and there on the web about achieving this but nothing that works.
at the moment I have the same setup in both main.php config files (i.e. the root domain and one of the sub domains that I am testing with)
'components' => [
'request' => [
'enableCookieValidation' => true,
'enableCsrfValidation' => true,
'cookieValidationKey' => 'XXXXXXX',
],
'user' => [
'class' => 'yii\web\User',
'identityClass' => 'common\models\User',
'enableAutoLogin' => true,
'identityCookie' => [
'name' => '_myapp',
'httpOnly' => true,
'path' => '/',
]
],
'session' => [
'name' => 'MYAPPSESSID',
'cookieParams' => [
'path' => '/',
],
],
When inspecting my cookies in Chrome after logging in with setup I see two cookies, one for the main site and one for the sub domain, they are both called MYAPPSESSID, and both containing different 'keys' that presumably hook up to the user info set on the PHP session. I get that these two cookies should be one cookie so that both domains hook up to the session user object - but I;ve tried all the different settings I can think of and can't get this to work.
To be able to log on all subdomains, use the following config:
'components' => [
'session' => [
// ...
'cookieParams' => [
'path' => '/',
'domain' => ".domain.com",
],
],
'user' => [
// ...
'identityCookie' => [
'name' => '_identity',
'path' => '/',
'domain' => ".domain.com",
],
],
'request' => [
// ...
'csrfCookie' => [
'name' => '_csrf',
'path' => '/',
'domain' => ".domain.com",
],
],
],
I figured this out in the end. The session->cookieParams needs a 'domain' set on both main.php config files, which is the top level domain name prefixed with a '.'. I did try this but the cookies were'n't being generated, and it turned out that it was because my local domains that I set in Mamp Pro were not formatted in a way that the cookies were expecting them. So my app was at http://myapp, and http://subdomain.myapp. It turns out that the cookie domain setting requires a top level domain (like .com). So I changed my hosts to http://myapp.local and http://subdomain.myapp.local. Then I set the cookie domains to .myapp.local and it worked.
here's my new config, which is on both the root domain and the sub domain. The user->identityCookie settings above turned out to be unnecessary btw.
'components' => [
'request' => [
'enableCookieValidation' => true,
'enableCsrfValidation' => true,
'cookieValidationKey' => 'XXXXXXX',
],
'user' => [
'class' => 'yii\web\User',
'identityClass' => 'common\models\User',
'enableAutoLogin' => true
],
'session' => [
'name' => 'MYAPPSESSID',
'cookieParams' => [
'path' => '/',
'domain' => '.myapp.local'
],
],