I am using the Auth component for user authentication, and I am building
a force-logout feature in my application. If a user is logged in with a
username and password on one machine and another user tries to log in
with the same username and password from another machine, he/she will
see a force logout option under the login form. If he/she clicks on it,
the first user gets logged out. I am doing this using a database table.
The above functionality works great in Firefox but not in IE 7. In IE,
when I click on force logout, Auth gives me an error: "You are not
authorized to access that location."
The Apache log gives me a 302 error.


I have changed the following session settings in core.php, but it is
still not working:
// NOTE(review): in CakePHP 1.2's stock core.php, 'low' is described as the
// most permissive level (largest session-lifetime multiplier; session ids are
// regenerated between requests only at 'high') - confirm against your core.php.
Configure::write('Security.level', 'low');
// NOTE(review): with checkAgent off, a session is no longer tied to the
// browser's User-Agent. Both changes loosen session protection, so restore the
// stricter values once the IE problem has been found.
Configure::write('Session.checkAgent', false);

And the following session settings in core.php are unchanged:
// Session storage handler; 'php' presumably means PHP's own session handling - confirm.
Configure::write('Session.save', 'php');
// Name of the session cookie sent to the browser.
Configure::write('Session.cookie', 'CAKEPHP');
// Base session timeout; presumably scaled by the Security.level multiplier,
// so 'low' makes the effective lifetime much longer - confirm in core.php.
Configure::write('Session.timeout', '120');
// Start the session automatically.
Configure::write('Session.start', true);
---------------------------------------------------------------------------------------------------
[B]AppController[/B]
[CODE]
class AppController extends Controller
{
        // Components declared on this controller: authentication, the
        // "remember me" cookie, and request-type detection.
        var $components = array('Auth', 'Cookie', 'RequestHandler');

        // View helpers declared on this controller.
        var $helpers = array('Html', 'Form', 'Javascript', 'Ajax', 'Time');

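        /**
         * Configures Auth, restores a login from the "remember me" cookie, and
         * ends any logged-in session that TrackSession no longer lists.
         *
         * NOTE(review): the 'User' cookie is passed straight to Auth->login(),
         * so whatever it holds works as a login credential. The login action
         * fills it with the username and password fields; a random token that
         * the server can revoke would limit the damage if the cookie leaks.
         *
         * NOTE(review): a login restored from the cookie is not recorded in
         * TrackSession in this method; confirm it is tracked elsewhere,
         * otherwise the check below would end it on the next request.
         */
        function beforeFilter()
        {
                $this->Auth->loginRedirect = array('plugin' => null, 'controller' => 'questions', 'action' => 'home');
                $this->Auth->logoutRedirect = array('plugin' => null, 'controller' => 'users', 'action' => 'login');
                $this->Auth->allow('signup', 'confirm', 'home', 'show', 'questionlist');

                $this->Auth->authorize = 'controller';

                // Only confirmed accounts may log in.
                $this->Auth->userScope = array('User.confirmed' => '1');
                $this->set('loggedIn', $this->Auth->user('id'));
                // Let the login action run after Auth has authenticated the user.
                $this->Auth->autoRedirect = false;
                $this->Cookie->name = 'QuickWall';

                $userId = $this->Auth->user('id');
                if (!$userId)
                {
                        // Not logged in: try the "remember me" cookie.
                        $cookie = $this->Cookie->read('User');
                        if ($cookie)
                        {
                                $this->Auth->login($cookie);
                        }
                        return;
                }

                // forceLogout must stay reachable for a session that is not
                // (yet) the tracked one, so it is the only exemption.
                if ($this->params['action'] == 'forceLogout')
                {
                        return;
                }

                // Ajax requests are checked too. Whether a request counts as
                // Ajax is decided from a request header the client controls,
                // so exempting Ajax would let a force-logged-out session keep
                // calling Ajax actions.
                $tracked = ClassRegistry::init('TrackSession')->getMyAccess($userId, $this->Session->id());
                if (!$tracked)
                {
                        $this->redirect($this->Auth->logout());
                }
        }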
[/CODE]
UserController.php login action
[CODE]
/**
 * Login action. Auth has already authenticated the user by the time this
 * runs (autoRedirect is off), so it handles "remember me" and the
 * concurrent-login check.
 *
 * If TrackSession has no active row for the user, the session is recorded
 * and the user is redirected. Otherwise the view is told to show the
 * force-logout option.
 *
 * NOTE(review): the "remember me" cookie stores the username and the
 * password field (normally the hashed form once Auth has processed the
 * request - confirm). AppController::beforeFilter() passes that cookie to
 * Auth->login(), so it is a replayable credential valid for two weeks.
 * Prefer a random token that the server can revoke.
 *
 * NOTE(review): the cookie is written before the concurrent-login check,
 * and the Auth session already exists when the force-logout prompt is
 * shown. Only the TrackSession check in beforeFilter limits that session.
 */
function login()
{
    $loginSubmitted = $this->Auth->user() && !empty($this->data);

    if ($loginSubmitted)
    {
        $this->User->set($this->data);
        $username = $this->data['User']['username'];

        if (!empty($this->data['User']['remember_me']))
        {
            $cookie = array(
                'username' => $username,
                'password' => $this->data['User']['password'],
            );
            // Third argument true: ask the Cookie component to encrypt the value.
            $this->Cookie->write('User', $cookie, true, '+2 weeks');
        }
        else
        {
            $this->Cookie->del('User');
        }
        unset($this->data['User']['remember_me']);

        // forceLogout() reads this back later.
        $this->Session->write('username', $username);

        $userId = $this->Auth->user('id');
        $alreadyActive = ClassRegistry::init('TrackSession')->getMyStatus($userId);

        if ($alreadyActive)
        {
            // Another session is active for this user: offer force logout
            // and do not send the password field back to the form.
            $this->set('force_logout_error', 'ForceLogout');
            unset($this->data['User']['password']);
        }
        else
        {
            $sessionId = $this->Session->id();
            $clientIp = $this->RequestHandler->getClientIP();

            $this->User->logTrackSession($userId, $username, $sessionId, $clientIp);
            $this->User->trackSession($userId, $sessionId, $clientIp);

            $this->redirect($this->Auth->redirect());
        }
    }

    $this->set('menuTab', 'login');
}
[/CODE]
---------------------------------------------------------------------------------------------------------------------
UserController.php forceLogout(action)
[CODE]
/**
 * Takes over the tracked session for the logged-in user. It passes the
 * current session id and client IP to User::logTrackSession() and
 * User::trackSession() (neither is shown here), then follows Auth's
 * redirect target.
 *
 * NOTE(review): this action changes state but is reached through a plain
 * GET link, and AppController::beforeFilter() exempts it from the
 * TrackSession check. Any page the user's browser loads could trigger it.
 * Accept it only as a POST carrying a per-session token.
 *
 * NOTE(review): 'username' comes from the session and is not checked here.
 * If the session was lost between login and this request it will be empty.
 */
function forceLogout()
{
    $username = $this->Session->read('username');
    $userId = $this->Auth->user('id');
    $sessionId = $this->Session->id();
    $clientIp = $this->RequestHandler->getClientIP();

    $this->User->logTrackSession($userId, $username, $sessionId, $clientIp);
    $this->User->trackSession($userId, $sessionId, $clientIp);

    $this->redirect($this->Auth->redirect());
}
[/CODE]
---------------------------------------------------------------------------------------------------------------------------------
view/user/login.ctp
[CODE]

<h2>Log In To Quickwall</h2>
<?php
   // Show the Auth component's flash message when one is set.
   if ($session->check('Message.auth')):
       $session->flash('auth');
   endif;
?>
<?php e($form->create('User', array('action' => 'login')));?>
   <fieldset>
        <div class="input text">
        <label for="UserUsername" class="usernamelabel"><span>
                                          Your Name</span></label>
      <?php e($form->text('username', array('class'
                                            => 'fullwidth'))); ?>
        </div>
        <div class="input text">
      <label for="UserPassword" class="emaillabel"><span>Password
                                                 </span></label>
      <?php e($form->password('password', array('class'
                                            => 'fullwidth'))); ?>
        </div>
        <div class="input text">
        <label for="UserRememberMe" class="passwordlabel"><span>
                                 Remember Me</span></label>
        <p><?php e($form->checkbox('remember_me', array('class'
                                    => 'bigcheck'))) ?></p>
        </div>

      <?php e($form->submit('Login In', array('div' => false,
                                'class' => 'submitbutton'))); ?>
   </fieldset>
 <?php
        // $force_logout_error is set by the login action when the user
        // already has an active tracked session.
        // NOTE(review): the link below triggers a state-changing action with
        // a plain GET request. A POST form with a token checked by the action
        // would keep other pages from triggering it.
        if (isset($force_logout_error))
        {
                echo "you have already logged in.";
                e($html->link('ForceLogout', array('plugin' =>
null,'controller' => 'users', 'action' => 'forceLogout')));
        }
      ?>
<?php e($form->end()); ?>

[/CODE]
--------------------------------------------------------------------------------------------------------------------
/app/models/track_session.php
[CODE]

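/**
 * Model over the TrackSession table. Judging by its columns (UserID,
 * LoginSessionID, Status), it records which session is tied to a user so
 * that a second login can be detected.
 */
class TrackSession extends AppModel
{

        public $useTable = 'TrackSession';

        // Both identifiers must be present when a row is saved.
        public $validate = array(
                'UserID' => 'notEmpty',
                'LoginSessionID' => 'notEmpty'
        );

        /**
         * Returns all rows ordered by Status.
         *
         * The order clause uses this model's own alias. The original
         * referenced 'LogTrackSession.Status', which no model declared here
         * provides.
         *
         * @return array
         */
        public function getList()
        {
                return $this->find('all', array(
                        'order' => 'TrackSession.Status ASC'
                ));
        }

        /**
         * Tells whether the given session id is recorded for the given user.
         *
         * @param mixed $user_id
         * @param string $session_id
         * @return bool
         */
        public function getMyAccess($user_id, $session_id)
        {
                // A count is enough here; the rows themselves are not needed.
                $matches = $this->find('count', array(
                        'conditions' => array(
                                'TrackSession.UserID' => $user_id,
                                'TrackSession.LoginSessionID' => $session_id
                        )
                ));

                return !empty($matches);
        }

        /**
         * Tells whether the user has at least one row with Status = 1.
         *
         * @param mixed $user_id
         * @return bool
         */
        public function getMyStatus($user_id)
        {
                $active = $this->find('count', array(
                        'conditions' => array(
                                'TrackSession.UserID' => $user_id,
                                'TrackSession.Status' => 1
                        )
                ));

                return !empty($active);
        }

        /**
         * Sets Status on every row belonging to the user.
         *
         * @param mixed $user_id
         * @param int $value New status, 0 by default.
         * @return mixed Result of updateAll().
         */
        public function setMyStatus($user_id, $value = 0)
        {
                // updateAll() puts field values into the SQL as expressions
                // and does not escape them. Forcing an integer keeps a
                // caller-supplied value from reaching the query as SQL.
                $fields = array('TrackSession.Status' => (int) $value);
                $conditions = array('TrackSession.UserID' => $user_id);

                return $this->updateAll($fields, $conditions);
        }
}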

[/CODE]
