I'm proud to say that after some startling revalations from gwoo, I finally understand how to use the Auth component. I'm not doing anything fancy with ACL, but just some basic Controller authorization.
First off, here's my resource: http://www.littlehart.net/atthekeyboard/2007/11/20/follow-up-to-a-hopefully-usefull-tutorial-for-using-cakephps-auth-component/ http://www.littlehart.net/atthekeyboard/2007/09/11/a-hopefully-useful-tutorial-for-using-cakephps-auth-component/ This is how I'm trying to implement this: - User logs in and hit's remember me. - A cookie is written with user and pass (from $this->data, hash by Auth). - Session ends and cookie is still active. - User tries to access restricted model - Check for cookie, if none proceed as normal (redirect to login). - If cookie make Auth comp. use username and password in cookie for login attempt. - Unlike Chris, I don't want to delete the cookie at every login attempt. I would like to cookie to remain and eventually expire. I prefer to delete the cookie when the user physically logs out. Here's some code: //users_controller function login() { if ($this->Auth->user()) { if (!empty($this->data)) { $cookie = array(); $cookie['username'] = $this->data['User']['username']; $cookie['password'] = $this->data['User']['password']; $this->Cookie->write('Auth.User', $cookie, true, '+1 minute'); unset($this->data['User']['remember_me']); } $this->redirect($this->Auth->redirect()); } } function logout(){ $this->Session->setFlash('Good-Bye'); $this->redirect($this->Auth->logout()); } function beforeFilter() { $this->Auth->autoRedirect = false; parent::beforeFilter(); $this->Auth->allow('add', 'view', 'admin_add'); } // app_controller: function beforeFilter(){ $this->Auth->authorize = 'controller'; $this->Auth->loginAction = '/login/'; $this->Auth->allow('admin_add', 'view', 'add'); $cookie = $this->Cookie->read('Auth.User'); if (!is_null($cookie)) { $this->data['User']['username'] = $cookie['username']; $this->data['User']['password'] = $cookie['password']; // Clear auth message, just in case we use it. $this->Session->destroy('Message.auth'); } } function isAuthorized() { return true; } Problems: bottom line it doesn't work. But this is my main problem. When it does work (in it's unstable way - sometimes not allowing a login, sometimes restricting access when it should arleady be logged in) if I use anything in the User model it prepopulates my $this->data, like it should. But this causes problems, eg. when adding a user. Since this is populated in the beforeFilter() it just submits right away. Anyone had any success implementing something simliar? I would greatly appreciate any help. --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "Cake PHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---
