How do I allow non-authenticated users to access content in CakePHP?

I have a site in CakePHP 2.x where I want a guest user (not logged in) to be able to see some pages:
users/login
users/forgot_password
users/reset_password
I have an AuthComponent and I can't access my pages. I can access users/login but not forgot_password and reset_password; if I try to access them, I am always redirected to the login page.
This is my AppController with AuthComponent:
public $components = array(
    'Session',
    'Auth' => array(
        'loginAction' => array('controller'=>'users','action'=>'login', 'admin'=>false),
        'logoutRedirect' => array('controller'=>'users','action'=>'login'),
        'loginRedirect' => array('controller'=>'projects', 'action'=>'index'),
        'authError' => 'Questa risorsa non sembra appartenere al tuo account, oppure non hai eseguito l\'accesso',
        'autoRedirect' => false,
        'authorize' => array(
            'Controller',
            'Actions' => array(
                'actionPath' => 'controllers'
            )
        ),
        'authenticate' => array(
            'Form' => array(
                'fields' => array('username' => 'email')
            )
        )
    )
);
In this case I can't access forgot_password and reset_password.
But if I change it to this:
public $components = array(
    'Session',
    'Auth' => array(
        'loginAction' => null,
        'logoutRedirect' => array('controller'=>'users','action'=>'login'),
        'loginRedirect' => array('controller'=>'projects', 'action'=>'index'),
        'authError' => 'Questa risorsa non sembra appartenere al tuo account, oppure non hai eseguito l\'accesso',
        'autoRedirect' => false,
        'authorize' => array(
            'Controller',
            'Actions' => array(
                'actionPath' => 'controllers'
            )
        ),
        'authenticate' => array(
            'Form' => array(
                'fields' => array('username' => 'email')
            )
        )
    )
);
I have set loginAction to null. In this case I can access forgot_password and reset_password, but the pages are blank without errors; the body is empty. These pages are simply HTML without queries, like this:
controller action
public function forgot_password(){
}
view
<div>
<p>RESTORE PASSWORD</p>
</div>
Can someone help me? Thanks

In your beforeFilter() callback, add $this->Auth->allow('forgot_password');
API: AuthComponent::allow()
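
The answer above in context, as an added example that is not part of the original post: a CakePHP 2.x AppController that keeps loginAction set, and a UsersController that allowlists only the three guest pages from the question. The default-deny isAuthorized() and the file paths are assumptions for illustration.

```php
<?php
// app/Controller/AppController.php (CakePHP 2.x default path, assumed)
App::uses('Controller', 'Controller');

class AppController extends Controller {
    public $components = array(
        'Session',
        'Auth' => array(
            // Keep loginAction set: guests who request a protected action land here.
            'loginAction' => array('controller' => 'users', 'action' => 'login', 'admin' => false),
            'authorize' => array('Controller'),
            'authenticate' => array(
                'Form' => array('fields' => array('username' => 'email')),
            ),
        ),
    );

    // Required by 'authorize' => 'Controller'. Assumed policy: deny logged-in
    // users by default and let each controller override this method.
    public function isAuthorized($user) {
        return false;
    }
}

// app/Controller/UsersController.php (assumed path)
App::uses('AppController', 'Controller');

class UsersController extends AppController {
    public function beforeFilter() {
        parent::beforeFilter();
        // Explicit allowlist of guest actions; these skip both the login
        // check and isAuthorized(). Calling allow() with no arguments would
        // open every action in this controller, so name each one.
        $this->Auth->allow('login', 'forgot_password', 'reset_password');
    }

    public function forgot_password() {
        // Renders app/View/Users/forgot_password.ctp
    }

    public function reset_password() {
        // Renders app/View/Users/reset_password.ctp
    }
}
```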

Related

Auth repeats controller in URL

I am setting up the Auth component on my site for the first time, and everything seems to work fine except when I try to access a restricted page. Instead of being redirected to http://localhost/MySite/users/login, I get redirected to http://localhost/MySite/users/users/login; the controller name is repeated in the URL. How can this issue be fixed?
I am using CakePHP 2.4.4
AppController
class AppController extends Controller {
    public $components = array('DebugKit.Toolbar',
        'Session','Auth' => array(
            'loginRedirect'=> array(
                'controller' => 'admins',
                'action' => 'admin_index'
            ),
            'logoutRedirect' => array(
                'controller' => 'users',
                'action' => 'login'
            ),
            'loginAction' => array(
                'controller' => 'users',
                'action' => 'login',
                'plugin' => 'users'
            ),
            'authError' => 'Não tem permissão para aceder a esta área. Por favor faça login.',
            'authenticate' => array(
                'Form' => array(
                    'fields' => array('username' => 'username', 'password' => 'password'
                    ),
                    'userModel' => 'User'
                )
            ),
            'authorize' =>array('Controller'
            )
        )
    );
    public function beforeFilter(){
        $this->Auth->allow('index','ShowImages','ShowShowbill','ShowVideos','ShowContactUs','contact','login','DisplayMusic','DisplayEntertainment','DisplayPromotion','DisplayStaff','DisplayEquipments');
    }
}
In Auth component you need to add 'unauthorizedRedirect' otherwise Cake tries to redirect to /{app-directory} (this was giving me a headache yesterday).
public $components = array(
    //your other components
    'Auth' => array(
        //your other options for Auth
        'unauthorizedRedirect' => '/home'
    )
);
This would direct any user trying to access a page they shouldn't be allowed on to 'yourDomain/home'.

ACL ERR_TOO_MANY_REDIRECTS

When a user accesses an unauthorized URL in my application, CakePHP executes too many redirects.
I don't know why.
I tried setting the parameters unauthorizedRedirect and redirectUrl, but it doesn't work.
AppController.php
public $components = array(
    'DebugKit.Toolbar',
    'Session',
    'Acl',
    'Auth' => array(
        'unauthorizedRedirect ' => false,
        'loginAction' => array('controller' => 'users', 'action' => 'login'),
        'authenticate' => array(
            'Form' => array(
                'userModel' => 'User',
                'fields' => array('username' => 'nickname', 'password' => 'password_hash')
            ),
        ),
        'authorize' => array(
            'Actions' => array('actionPath' => 'controllers/')
        )
        // 'authError' => 'This error shows up with the user tries to access a part of the website that is protected',
    )
);
Change this
"actionPath" => "controllers/"
into this
"actionPath" => "Controllers/"
I'm quite sure that you are on a case-sensitive OS.
Another thing to set up is the "loginRedirect" and "logoutRedirect" settings: at the moment, if you log in via the users/login action you will be redirected to the same action again and again. For testing purposes I'd recommend setting both of them to the root by adding this to your code:
'loginRedirect' => '/',
'logoutRedirect' => '/'
First, check whether the users/login action can display content to an unauthorized user. Use $this->Auth->allow(array('login', 'logout')) in the users controller. If you use Acl and Actions authorize, check that anonymous has permission to see this users/login page.

Can't change 'userModel' using AuthComponent in CakePHP

I've been trying to change the 'userModel' from the default 'user' to 'usuario'. I've done this before in CakePHP 1.3 but I can't get it to work using the latest version.
Here's my code (AppController.php):
App::uses('Controller', 'Controller');
class AppController extends Controller {
    public $components = array(
        'Auth' => array(
            'loginError' => "Nombre de usuario o contraseña incorrectos.",
            'authError' => "Debes ingresar con tu cuenta de usuario.",
            'loginRedirect' => array('controller' => 'administrador', 'action' => 'productos'),
            'logoutRedirect' => array('controller' => 'usuarios', 'action' => 'login')
        ),
        'Session',
        'Email'
    );
    public function beforeFilter() {
        $this->Auth->authenticate = array(
            'Basic' => array('userModel' => 'Usuario'),
            'Form' => array('userModel' => 'Usuario')
        );
    }
}
Thanks in advance.
EDIT: The component redirects me to "/users/login" instead of "/usuarios/login" and the login form in "/usuarios/login" doesn't work. It's like I never changed the userModel.
Try doing this while initializing the Auth Component
In your AppController:
public $components = array(
    'Auth' => array(
        'authenticate' => array(
            'Form' => array(
                'userModel' => 'Usuario',
                'fields' => array(
                    'username' => 'username',
                    'password' => 'password'
                )
            )
        )
    )
);
Setting a custom userModel has nothing to do with Auth::loginAction, which points to /users/login by default. You can override it in the Controller::beforeFilter() callback or the Controller::$components array. Hope this helps.
Change your $components array to this:
public $components = array(
    'Auth' => array(
        'loginError' => "Nombre de usuario o contraseña incorrectos.",
        'authError' => "Debes ingresar con tu cuenta de usuario.",
        'loginRedirect' => array('controller' => 'administrador', 'action' => 'productos'),
        'logoutRedirect' => array('controller' => 'usuarios', 'action' => 'login'),
        'loginAction' => array('controller' => 'usuario','action' => 'login','plugin' => null),
        'authenticate' => array('Form' => array('userModel' => 'Usuario')
        ),
    ),
    'Session',
    'Email'
);
Try this code
App::uses('Controller', 'Controller');
class AppController extends Controller {
    public $components = array(
        'Auth' => array(
            'loginError' => "Nombre de usuario o contraseña incorrectos.",
            'authError' => "Debes ingresar con tu cuenta de usuario.",
            'loginAction' => array('controller' => 'aucusers','action' => 'login'),
            'loginRedirect' => array('controller' => 'administrador', 'action' => 'productos'),
            'logoutRedirect' => array('controller' => 'usuarios', 'action' => 'login')
        ),
        'Session',
        'Email'
    );
}
I have added the following line:
'loginAction' => array('controller' => 'aucusers','action' => 'login'),

active/inactive check not working while login cakephp

I have a user table with an active field of datatype enum(1,0) for my CakePHP application.
I want to disallow inactive users from logging into my application. For this I added this code in my AppController.php:
public $components = array('Acl', 'Session',
    'Auth' => array('authorize' => array('Controller'),
        'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
        'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
        'Form' => array('userModel' => 'User'),
        'all' => array('scope' => array('User.active' => 1)))
);
My user model is User
But this also allows inactive users to log in to the application.
What am I doing wrong?
Thanks
Please check your array; it is assigned wrongly.
Check the array below and it will work for you:
public $components = array(
    'Auth' => array(
        'loginAction' => array(
            'controller' => 'users',
            'action' => 'login'
        ),
        'authError' => 'Je hebt geen toegang tot dit gedeelte',
        'authenticate' => array(
            'Form' => array(
                'fields' => array('username' => 'email'),
                'scope' => array('is_admin' => '1')
            ),
        )
    ),
    'Session'
);
Whenever I've dealt with enums in CakePHP, their value is always a string. Therefore I think the problem you're encountering is that 1 is not equal to '1'.
For your active field, try using the BOOLEAN datatype which is a synonym of TINYINT(1). You should then write in your Auth component configuration:
public $components = array('Acl', 'Session',
    'Auth' => array('authorize' => array('Controller'),
        'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
        'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
        'Form' => array('userModel' => 'User'),
        'all' => array('scope' => array('User.active' => true)))
);
Semantically, I feel this makes more sense.
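
An added example, not taken from either answer above: the question's $components array with the authenticator settings moved under 'authenticate', the key the first answer uses and the one CakePHP 2.x AuthComponent reads them from. The scope value 1 is the one from the question; the file path is the CakePHP 2.x default and is an assumption.

```php
<?php
// app/Controller/AppController.php (CakePHP 2.x default path, assumed)
App::uses('Controller', 'Controller');

class AppController extends Controller {
    public $components = array(
        'Acl',
        'Session',
        'Auth' => array(
            'authorize' => array('Controller'),
            'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
            'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),

            // Not consulted by the authenticators when placed here, so the
            // login query runs with no scope and inactive users get in:
            // 'Form' => array('userModel' => 'User'),
            // 'all'  => array('scope' => array('User.active' => 1)),

            // Authenticator settings belong under 'authenticate'.
            'authenticate' => array(
                // 'all' is the value of AuthComponent::ALL; its settings are
                // merged into every authenticator listed after it.
                'all' => array(
                    'userModel' => 'User',
                    // Added as a condition to the user lookup at login.
                    'scope' => array('User.active' => 1),
                ),
                'Form',
            ),
        ),
    );

    // Required by 'authorize' => 'Controller'. Assumed policy for this
    // example: any authenticated (and therefore active) user is authorized.
    public function isAuthorized($user) {
        return true;
    }
}
```

The scope is only applied when the user record is looked up at login, so a session that was opened before an account was deactivated stays valid until it expires or is destroyed.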

CakePHP - Routing to admin

Noob question!
I have a complete admin setup: login, authentication and so on, and it's working.
So, now I need a new controller for another situation, so I created a controller named PressDownloadsController and the correct views for every action inside this new controller.
I also created the following route:
Router::connect('/pressdownloads', array('controller' => 'pressdownloads', 'action' => 'downloads'));
Inside the pressDownloads controller, there are some redirects between some actions.
When I try to open the URL /pressdownloads/downloads or just /pressdownloads, it just goes to the admin controller and I need to log in before accessing the pressdownloads area.
Why?
The Auth Settings inside UsersController (admin):
Ok. I get it.
So the auth settings:
public $components = array(
    'Session',
    'Auth' => array(
        'loginAction' => array(
            'controller' => 'users',
            'action' => 'login',
            'prefix' => 'admin',
        ),
        'loginRedirect' => '/admin/events',
        'logoutRedirect' => '/admin',
        'authError' => 'Acesso negado',
        'flash' => array(
            'element' => 'admin/messages/error',
            'key' => 'auth',
            'params' => array()
        ),
        'authorize' => array('Controller'),
        'authenticate' => array(
            'Form' => array(
                'fields' => array('username' => 'email')
            )
        )
    )
);
I recommend checking the Auth component settings and how you split the admin area from the non-admin area.
Also, you may specify in your routing not to use the admin prefix, like this:
Router::connect('/pressdownloads', array('controller' => 'pressdownloads', 'action' => 'downloads', 'admin' => false));
I believe you are going to that link after "Admin" has been enabled. Simply put you must be clicking the link from the pages served by admin.
Try adding additional parameter "admin" => false in your present route.
Router::connect('/pressdownloads',
    array(
        'controller' => 'pressdownloads',
        'action' => 'downloads',
        'admin' => false
    )
);
