Hello -
Using 1.2 beta release 6311 with Auth component.  I've set the session
timeout to 60 seconds for testing (core.php "high" setting).  I'm able
to log in and get redirected correctly to loginRedirect().  If I sit
on a protected page and let the session time out, I get redirected
back to the login page, but there is no flash message.  I would expect
authError to be displayed in this situation.
In the case of a request to a page the current user is not authorized
for, redirection to the login page happens and authError is
displayed.  For instance, a request to /admin/users by a non-admin
user.

Here is my code:
app_controller:
        function beforeFilter(){
                //Set up Auth Component
                $this->Auth->loginAction = '/users/login';
                $this->Auth->loginRedirect = array('controller' => 'users', 'action' => 'bouserview');

                $this->Auth->fields = array('username' => 'email', 'password' => 'passwd');
                $this->Auth->autoRedirect = false;
                $this->Auth->loginError = 'Invalid e-mail / password combination.  Please try again';
                $this->Auth->authError = 'Your session has expired or you are not authorized to access that location!  Please log in again.';
                $this->Auth->authorize = 'controller';
                //  Only allow active users to login
                $this->Auth->userScope = array('User.active' => 1); //user needs to be active.
        }

        function isAuthorized() {
                if (isset($this->params[Configure::read('Routing.admin')])) {
                        if ($this->Auth->user('admin') == 0) {
                                $this->Session->setFlash("You are not authorized to access that location!");
                                $this->redirect($this->Auth->logout());
                                return false;
                        }
                }
                return true;
        }

users_controller:
        function login() {
                $this->disableCache();
                if ($this->Auth->user()) {
                        //if the redirect was due to a failed /admin* page, then set redirect to login page
                        //stristr() returns the matched substring or false, never true, so compare against false
                        if (stristr($this->Session->read('Auth.redirect'), 'admin') !== false) {
                                $this->Session->write('Auth.redirect', '/users/login');
                        }
                        //set site_id in session
                        $this->User->restrict(array('Site' => array('fields' => 'Site.id')));
                        $site = $this->User->Site->findByUserId($this->Auth->user('id'));
                        $site_id = $site['Site']['id'];
                        $this->Session->write('site_id', $site_id);
                        $this->redirect($this->Auth->redirect());
                }
        }

        function logout(){
                $this->Session->setFlash("You've successfully logged out.");
                //$this->redirect($this->Auth->logout());
                $logOutUrl = $this->Auth->logout();
                $this->redirect($logOutUrl);
        }

Thanks for any help provided,
Jeremy