CakePHP Auth Component, function allow with parameter "*" doesn't work - php

I'm a beginner on cakePHP and I have a problem with Auth Component.
The function allow of Auth doesn't work for permission of all (*). The code is this:
<?php
App::uses('Controller', 'Controller');
class AppController extends Controller {
public $components = array(
'ACL',
'Auth' => array(
'authorize' => array(
'Actions' => array('actionPath' => 'controllers')
)
),
'Session'
);
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('*');
}
}
All actions redirecting to the login action. The function allow really doesn't work as planned.

I resolve the problem... I used the function with parameter empty. It worked
<?php
App::uses('Controller', 'Controller');
class AppController extends Controller {
public $components = array(
'ACL',
'Auth' => array(
'authorize' => array(
'Actions' => array('actionPath' => 'controllers')
)
),
'Session'
);
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow();
}
}
Thanks

Related

Duplicate AppController cakephp

for my site I need to have two different auth session because one login is for admin section (like worpdress admin "wp-admi" access), and one login is for account login into the site.
So I have thought to duplicate AppController with AppAdminController but I retrieve some error.
This is my AppAdminController
App::uses('Controller', 'Controller');
class AppAdminController extends Controller {
public $helpers = array('Html', 'Form', 'Session'); //'DebugKit.Toolbar'
public $components = array(
'Session',
'Auth' => array(
'loginRedirect' => array('controller' => 'admin', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'admin', 'action' => 'index'),
'authError' => 'Questa risorsa non sembra appartenere al tuo account, oppure non hai eseguito l\'accesso',
'autoRedirect' => false,
'authorize' => array(
'Controller',
'Actions' => array(
'actionPath' => 'controllers'
)
),
'authenticate' => array(
'Form' => array(
'fields' => array('username' => 'username')
)
)
)
);
public function afterFilter () {
}
public function beforeFilter () {
}
}
and I use it into AdminController:
App::uses('AppAdminController', 'Controller');
App::uses('AppController', 'Controller');
class AdminController extends AppAdminController {
public $name = 'Admin';
public $scaffold;
public $uses = 'users';
public $useDbConfig = 'admin';
public function beforeFilter () {
parent::beforeFilter();
$user_type = 'guest';
if($this->Session->read('is_logged')){
$auth_user = $this->Auth->user();
$user_type = $auth_user['group'];
}
}
}
I retrieve this error:
Call to a member function read() on a non-object
into this line:
if($this->Session->read('is_logged')){
How can I fix this?
Thanks

can not set cakephp AuthComponent sessionKey

i am developing with cakephp 2.4.7 where i am using the auth component for multiple login (a user and a company login).
My goal is to set the right sessionKey (Auth.User or Auth.Company) in the beforeFilter. Auth.User is the default value in cakephp.
AppController:
public $helpers = array('Cache','Html','Session','Form');
public $components = array(
'Security',
'Cookie',
'RequestHandler',
'DebugKit.Toolbar',
'Session',
'Auth' => array(
'loginRedirect' => array(
'controller' => 'users',
'action' => 'index'
),
'logoutRedirect' => array(
'controller' => 'users',
'action' => 'login'
),
'authError' => 'You must be loggedin to view this page.',
'loginError' => 'Invalid user credentials.',
'authorize' => array('Controller')
)
);
public function beforeFilter() {
$this->Auth->deny('*');
}
CompaniesController:
public function beforeFilter() {
parent::beforeFilter();
AuthComponent::$sessionKey = 'Company';
//$this->Auth->sessionKey = 'Auth.Company';
$this->Auth->authenticate = array(
'Form' => array(
'userModel' => 'Company', // set the new userModel
'fields' => array('username' => 'email')
)
);
$this->Auth->allow('register', 'login', 'logout');
}
The login works perfectly, but the auth-session is still Auth.User. (Tested with debug($this->Auth->User());)
What i am doing wrong? How can i set the AuthComponent::$sessionKey correctly?
I had a same problem today, I have jumped into code (here) to check why its not working for me.
It seems that you have to set it like this
public function beforeFilter()
{
AuthComponent::$sessionKey = 'Auth.Company'; // static property so we have to
// access in static way so you want get strict errors
...
}
and then logout and login user again. In your action just var_dump() or pr() the $this->Session->read('Auth')
Btw $this->Auth->user() will always return you array that is in the Auth by [$sessionKey] and its same for AuthComponent::user() static call.

Cakephp Auth logs out only remotely

On localhost i have no problem at all. i can login access all sites and go through the process of the site without a problem.
Now when i put it remotely i get logged out as soon as i change page (aka i am being redirected to my login view no matter what link i press)
My AppController loos like this:
<?php
App::uses('Controller', 'Controller');
class AppController extends Controller {
public $components = array(
'Acl',
'Auth' => array(
'authorize' => array(
'Actions' => array('actionPath' => 'controllers')
)
),
'Session'
);
public $uses = array
(
'Category'
);
public $helpers = array('Html', 'Form', 'Session');
public function beforeFilter() {
$this->Auth->allow('*');
//Configure AuthComponent
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
$this->Auth->loginRedirect = array('controller' => 'home', 'action' => 'index');
$this->set('menu_categories', $this->Category->find('all'));
}
}
Please tell me if you need more information (also if you wish to try this issue go to my page (my domain
log in as test password test123

Why is the logout action not accessible?

I want to let Auth give access to login(), logout() and add() action of my users controller, but it doesn't matter if I use $this->Auth->allow('logout'); or not I get the message: You are not authorized to access that location. login() and add() work fine though.
This is my AppContoller.php:
class AppController extends Controller {
public $components = array(
'Auth' => array(
'authenticate' => array(
'Form' => array(
'userModel' => 'User',
'fields' => array(
'username' => 'email', 'password' => 'password')
)
),
'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'pages', 'action' => 'display', 'landing')
), 'Session'
);
public function beforeFilter() {
$this->Auth->allow('add', 'login');
}
}
And this is the relevant part of my UsersController.php:
public $helpers = array('Html', 'Form', 'Session');
public $components = array('Session');
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('logout');
}
public function logout() {
$this->set('title_for_layout', 'Logout');
$this->redirect($this->Auth->logout());
}
Does anyone see the problem here? I appreciate your help.
It seems you are accessing to logout action without problems but the logout redirection destroys your session and redirects you to a page view.
It seems you don't have access to the page without being logged. (you can try it accessing to the URL without being logged)
Add the beforeFilter function at your PagesController:
public function beforeFilter(){
parent::beforeFilter();
$this->Auth->allow();
}
PagesController comes by default with CakePHP 2.2, if you don't have it, just copy and paste any other controller and add this function deleting all the rest.
EDITED:
If the PagesController was already there, just add the beforeFilter function.

cakephp 2.x cant login using official tutorial

I'm using CakePHP 2.2, here is the link to tutorial that I used: link
Very important: I turned off Inflector
I don't care about ACL(it works :D), my AUTH doesn't work... $this->Auth->login() returns false...
Users controller:
App::uses('AppController', 'Controller');
class UsersController extends AppController {
public $helpers = array('Html','Form');
public $components = array('Auth' => array('authenticate' => array('form' => array('fields' => array('username' => 'login')))),'Session');
function beforeFilter() {
//$this->Auth->allow('logout', 'view');
$this->Auth->allow('*');
parent::beforeFilter();
}
function login() {
if ($this->Auth->login())
{
$this->redirect($this->Auth->redirect());
} else
{
$this->Session->setFlash(__('Invalid username or password, try again'));
}
App controller:
App::uses('Alc', 'Controller', 'Controller');
class AppController extends Controller {
public $components = array('Auth'=>array('authorize' => array('Actions' => array('actionPath' => 'controllers'))), 'Session');
public $helpers = array('Html', 'Form', 'Session');
function beforeFilter() {
$this->Auth->userModel = 'Users';
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
$this->Auth->allow('index', 'view', 'admin', 'edit', 'login', 'logout', 'add');
$this->Auth->logoutRedirect = array('controller' => 'novosti', 'action' => 'index');
$this->Auth->loginRedirect = array('controller' => 'novosti', 'action' => 'index');
}
Users Model:
App::uses('AuthComponent', 'Controller/Component');
class Users extends AppModel {
public function beforeSave($options = array()) {
if (isset($this->data[$this->alias]['password'])) {
$this->data['Users']['password'] = AuthComponent::password($this->data['Users']['password']);
}
return true;
}
public function bindNode($user) {
return array('model' => 'Groups', 'foreign_key' => $user['Users']['groups_id']);
}
View file:
<?php
echo $this->Session->flash('auth');
echo $this->Form->create('Users', array('action' => 'login'));
echo $this->Form->inputs(array(
'legend' => __('Login', true),
'Login',
'password'
));
echo $this->Form->end('Login');
?>
NO SQL DUMPS AVAILABLE
I went to lib/controller/components/Authcomponents.php and to lib/controller/components/auth/* and look though all those files.... and changed all Auth.User to Auth.Users; also looked though setting variables and everywhere I found I changed the model name from User to Users, and also for login fields a changed from username to Login
if (debug($this->Auth->login()))
Debug doesn't returning anything so this line will always fail.
Your usename is field is Login but the default is username and you haven't configured Auth for this.
public $components = [
'Auth' => [
'authenticate' => [
'Form' => [
'userModel' => 'Users',
'fields' => [
'username' => 'Login'
],
],
],
],
];
In your beforeSave you're using Users key rather than User. Model is singular.
Add <?php echo $this->element('sql_dump'); ?> and look at the query generated. Make sure it is correct and the password matches with your database value.
Just some stuff I noticed.
Try this in login view:
<?php
echo $this->Session->flash('auth');
echo $this->Form->create('Users', array('action' => 'login'));
echo $this->Form->inputs(array(
'legend' => __('Login', true),
'username',
'password'
));
echo $this->Form->end('Login');
?>
Auth accepts default authorize fileds as username/password if you want to use login then override auth authorization like this in controller:
$this->Auth->fields = array('username' => 'login', 'password' => 'password');
or in controller you can do this:
$this->Auth->authenticate = array(
'Form' => array(
'fields' => array('username' => 'login', 'password' =>'password')
)
);
if($this->Auth->login($this->request->data['Users'])){
......your code...
}

Categories