Why is the logout action not accessible? - php

I want to let Auth give access to login(), logout() and add() action of my users controller, but it doesn't matter if I use $this->Auth->allow('logout'); or not I get the message: You are not authorized to access that location. login() and add() work fine though.
This is my AppController.php:
class AppController extends Controller {
    public $components = array(
        'Auth' => array(
            'authenticate' => array(
                'Form' => array(
                    'userModel' => 'User',
                    'fields' => array(
                        'username' => 'email', 'password' => 'password')
                )
            ),
            'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
            'logoutRedirect' => array('controller' => 'pages', 'action' => 'display', 'landing')
        ), 'Session'
    );
    public function beforeFilter() {
        $this->Auth->allow('add', 'login');
    }
}
And this is the relevant part of my UsersController.php:
public $helpers = array('Html', 'Form', 'Session');
public $components = array('Session');
public function beforeFilter() {
    parent::beforeFilter();
    $this->Auth->allow('logout');
}
public function logout() {
    $this->set('title_for_layout', 'Logout');
    $this->redirect($this->Auth->logout());
}
Does anyone see the problem here? I appreciate your help.

It seems you are accessing the logout action without problems, but the logout redirection destroys your session and redirects you to a page view.
It seems you don't have access to the page without being logged in (you can try it by accessing the URL without being logged in).
Add the beforeFilter function to your PagesController:
public function beforeFilter(){
    parent::beforeFilter();
    $this->Auth->allow();
}
PagesController comes by default with CakePHP 2.2; if you don't have it, just copy and paste any other controller and add this function, deleting all the rest.
EDITED:
If the PagesController was already there, just add the beforeFilter function.
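
A narrower variant of the fix above, as an added example (not code from the original answer or from CakePHP itself): instead of opening every PagesController action with allow(), it opens only display() and lets anonymous visitors see only the page the logoutRedirect points to. The $publicPages property is an assumption of this example; 'landing' is taken from the question's logoutRedirect.

```php
<?php
// app/Controller/PagesController.php (CakePHP 2.x) -- added example
App::uses('AppController', 'Controller');

class PagesController extends AppController {

    public $uses = array();

    // Assumption: static pages that visitors may see without a session.
    // 'landing' is the logoutRedirect target from the question.
    public $publicPages = array('landing');

    public function beforeFilter() {
        parent::beforeFilter();
        // Open only display(); any other action added to this
        // controller later still requires a login.
        $this->Auth->allow('display');
    }

    public function display() {
        $path = func_get_args();
        if (empty($path[0])) {
            return $this->redirect('/');
        }
        // Reject relative path segments before they reach render().
        if (in_array('..', $path, true) || in_array('.', $path, true)) {
            throw new ForbiddenException();
        }
        // allow('display') made the action public, so the per-page
        // decision is made here: anonymous visitors get only the
        // listed pages, everyone else is sent to the login action.
        $isPublic = in_array($path[0], $this->publicPages, true);
        if (!$isPublic && !$this->Auth->user()) {
            return $this->redirect($this->Auth->loginAction);
        }
        try {
            $this->render(implode('/', $path));
        } catch (MissingViewException $e) {
            throw new NotFoundException();
        }
    }
}
```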

Related

Duplicate AppController cakephp

For my site I need to have two different auth sessions, because one login is for the admin section (like WordPress admin "wp-admin" access), and one login is for account login into the site.
So I have thought to duplicate AppController with AppAdminController but I retrieve some error.
This is my AppAdminController:
App::uses('Controller', 'Controller');
class AppAdminController extends Controller {
    public $helpers = array('Html', 'Form', 'Session'); //'DebugKit.Toolbar'
    public $components = array(
        'Session',
        'Auth' => array(
            'loginRedirect' => array('controller' => 'admin', 'action' => 'index'),
            'logoutRedirect' => array('controller' => 'admin', 'action' => 'index'),
            'authError' => 'Questa risorsa non sembra appartenere al tuo account, oppure non hai eseguito l\'accesso',
            'autoRedirect' => false,
            'authorize' => array(
                'Controller',
                'Actions' => array(
                    'actionPath' => 'controllers'
                )
            ),
            'authenticate' => array(
                'Form' => array(
                    'fields' => array('username' => 'username')
                )
            )
        )
    );
    public function afterFilter () {
    }
    public function beforeFilter () {
    }
}
and I use it in AdminController:
App::uses('AppAdminController', 'Controller');
App::uses('AppController', 'Controller');
class AdminController extends AppAdminController {
    public $name = 'Admin';
    public $scaffold;
    public $uses = 'users';
    public $useDbConfig = 'admin';
    public function beforeFilter () {
        parent::beforeFilter();
        $user_type = 'guest';
        if($this->Session->read('is_logged')){
            $auth_user = $this->Auth->user();
            $user_type = $auth_user['group'];
        }
    }
}
I retrieve this error:
Call to a member function read() on a non-object
into this line:
if($this->Session->read('is_logged')){
How can I fix this?
Thanks

can not set cakephp AuthComponent sessionKey

I am developing with CakePHP 2.4.7, where I am using the Auth component for multiple logins (a user and a company login).
My goal is to set the right sessionKey (Auth.User or Auth.Company) in the beforeFilter. Auth.User is the default value in CakePHP.
AppController:
public $helpers = array('Cache','Html','Session','Form');
public $components = array(
    'Security',
    'Cookie',
    'RequestHandler',
    'DebugKit.Toolbar',
    'Session',
    'Auth' => array(
        'loginRedirect' => array(
            'controller' => 'users',
            'action' => 'index'
        ),
        'logoutRedirect' => array(
            'controller' => 'users',
            'action' => 'login'
        ),
        'authError' => 'You must be loggedin to view this page.',
        'loginError' => 'Invalid user credentials.',
        'authorize' => array('Controller')
    )
);
public function beforeFilter() {
    $this->Auth->deny('*');
}
CompaniesController:
public function beforeFilter() {
    parent::beforeFilter();
    AuthComponent::$sessionKey = 'Company';
    //$this->Auth->sessionKey = 'Auth.Company';
    $this->Auth->authenticate = array(
        'Form' => array(
            'userModel' => 'Company', // set the new userModel
            'fields' => array('username' => 'email')
        )
    );
    $this->Auth->allow('register', 'login', 'logout');
}
The login works perfectly, but the auth session is still Auth.User. (Tested with debug($this->Auth->User());)
What am I doing wrong? How can I set the AuthComponent::$sessionKey correctly?

I had the same problem today; I jumped into the code (here) to check why it's not working for me.
It seems that you have to set it like this:
public function beforeFilter()
{
    AuthComponent::$sessionKey = 'Auth.Company'; // static property, so we have to
    // access it in a static way so you won't get strict errors
    ...
}
and then log out and log in the user again. In your action, just var_dump() or pr() the $this->Session->read('Auth').
Btw, $this->Auth->user() will always return the array that is in Auth under [$sessionKey], and it's the same for the AuthComponent::user() static call.

CakePHP Auth Component, function allow with parameter "*" doesn't work

I'm a beginner with CakePHP and I have a problem with the Auth Component.
The allow function of Auth doesn't work for permission of all (*). The code is this:
<?php
App::uses('Controller', 'Controller');
class AppController extends Controller {
    public $components = array(
        'ACL',
        'Auth' => array(
            'authorize' => array(
                'Actions' => array('actionPath' => 'controllers')
            )
        ),
        'Session'
    );
    public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('*');
    }
}
All actions redirect to the login action. The function allow really doesn't work as planned.

I resolved the problem... I used the function with an empty parameter. It worked:
<?php
App::uses('Controller', 'Controller');
class AppController extends Controller {
    public $components = array(
        'ACL',
        'Auth' => array(
            'authorize' => array(
                'Actions' => array('actionPath' => 'controllers')
            )
        ),
        'Session'
    );
    public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow();
    }
}
Thanks

Cakephp Auth logs out only remotely

On localhost I have no problem at all. I can log in, access all sites and go through the process of the site without a problem.
Now when I put it remotely I get logged out as soon as I change page (aka I am being redirected to my login view no matter what link I press).
My AppController looks like this:
<?php
App::uses('Controller', 'Controller');
class AppController extends Controller {
    public $components = array(
        'Acl',
        'Auth' => array(
            'authorize' => array(
                'Actions' => array('actionPath' => 'controllers')
            )
        ),
        'Session'
    );
    public $uses = array
    (
        'Category'
    );
    public $helpers = array('Html', 'Form', 'Session');
    public function beforeFilter() {
        $this->Auth->allow('*');
        //Configure AuthComponent
        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
        $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
        $this->Auth->loginRedirect = array('controller' => 'home', 'action' => 'index');
        $this->set('menu_categories', $this->Category->find('all'));
    }
}
Please tell me if you need more information (also if you wish to try this issue go to my page (my domain
log in as test password test123

cakephp logout redirect

I have a CakePHP app that, when I log out, adds admin/login to the URL of the login screen. Then when I log in again it says missing controller. I already have a redirect to the Auth logout. If I change that will it still log out?
Original login url:
mydomain.com/res/admin
Url after logout
mydomain.com/res/admin/users/login
After I log in to admin:
mydomain.com/res/admin/admin/login
user controller:
function admin_logout() {
    $this->redirect($this->Auth->logout());
}

In AppController you can do something like this:
public $components = array(
    'Session',
    'Auth' => array(
        'loginRedirect' => array('controller' => 'posts', 'action' => 'index'),
        'logoutRedirect' => array('controller' => 'users', 'action' => 'login', 'login'), // redirect URL
        'authorize' => array('Controller')
    )
);
and in UserController:
public function logout() {
    $this->redirect($this->Auth->logout());
}
This worked for me.

I solved this by putting a logout redirect in the beforeFilter.
