Hi, I cant authenticate users when I login in using appcontroller code . I login with a non admin role and I still get through. . In fact I dont get any error and no debug value appears so the isAuthorized($user) doesnt work.l use the same code without email and used username in another website and it works fine. I looked at the code from the docs and really couldnt see the issue. The fields in the users table have role, email,password. Since the same code worked elsewhere without email for username then I am stuck on what to do as i checked how you add email as username in $components.
I have a user with a role called teacher that always logs in when it shouldnt and I have simple password enabled. I checked email and role values in database and all is as expected. http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html public $components = array( "Email", 'Session', 'Auth' => array( 'loginRedirect' => array('controller' => 'users', 'action' => 'dashboard'), 'logoutRedirect' => array('controller' => 'users','action' => 'login' ), 'authenticate' => array( 'Form' => array('fields' => array('username' => 'email') , 'authorize' => array('Controller') // Added this line )))); public function isAuthorized($user) { // Admin can access every action debug($user['role']); //// NO output debug("asdddddddddddddddddddddddddd");//// NO output if (isset($user['role']) && $user['role'] === 'admin') { return true; } // Default deny return false; } -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscr...@googlegroups.com. To post to this group, send email to cake-php@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php. For more options, visit https://groups.google.com/d/optout.