I actually submitted a tutorial for 1.2rc2 on bakery several days ago but it hasn't been approved yet about a simple setup of action based auth_component usage. I spend a few days reading most of what I could find on the matter and there is a lot of things written that have not worked for me. I finally managed to get this working through trial and lot of error :)
Here's a brief walk-through of what worked for me: First, read the docs and follow the example to the letter. This will give you a basic login function as well as callable logout functionality: http://book.cakephp.org/view/172/Authentication Next, add these two lines to your login view template to include a link to registration: echo "Don't have an account yet? "; echo $html->link('Register now','/users/register'); Create a register template, I used this: if ($session->check('Message.auth')) $session->flash('auth'); echo $form->create('User', array('action' => 'register')); echo $form->input('username'); echo $form->input('password'); echo $form->input('password_confirm',array('type'=>'password')); echo $form->end('Register'); And into your users contoller add this function for the registration: function register() { if ($this->data) { if ($this->data['User']['password'] == $this->Auth->password($this- >data['User']['password_confirm'])) { $this->User->create(); if($this->User->save($this->data)) { $this->redirect('/',null,true); } else { $this->data['User']['password']=''; $this->data['User']['password_confirm']=''; } } } } now almost done, make sure you enable auth component in appcontroller and add the following in your beforeFilter: $this->Auth->allow('display','index','view'); That line allows all static pages to be viewed without authorization as well as the index function of all controllers. make sure you also allow 'Registration' in your users controller otherwise your users cant register. That's it, add more allows per controller as needed and you are done. There are some pitfalls to avoid, most notably that the auth->deny() function is used to remove actions from the allowed list, not actively ban the specified action and using it along with allow('*') (basically allowing everything) can does not work in the way at least I expected at first (granted that was before I read the API of the auth component). Hope this helps --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "CakePHP" group. To post to this group, send email to cake-php@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cake-php?hl=en -~----------~----~----~----~------~----~------~--~---