t;
>> 2009/4/9 Jorge Horacio Cué Cantú :
>> > Hello,
>> >
>> >
>> > Set
>> >
>> > $this->Auth->redirect = false
>> >
>> > in AppController::beforeFilter().
>> >
>> > The the login() action
Your wellcome, sorry for the small mistake.
2009/4/9 brian
>
> 2009/4/9 Jorge Horacio Cué Cantú :
> > Hello,
> >
> >
> > Set
> >
> > $this->Auth->redirect = false
> >
> > in AppController::beforeFilter().
> >
> > The th
2009/4/9 Jorge Horacio Cué Cantú :
> Hello,
>
>
> Set
>
> $this->Auth->redirect = false
>
> in AppController::beforeFilter().
>
> The the login() action will be called after a successful login.
>
Thanks, that's it (sort of). The var is actually $t
Hello,
Set
$this->Auth->redirect = false
in AppController::beforeFilter().
The the login() action will be called after a successful login.
Regards.
2009/4/9 brian
>
> Actually, yes, I did consider that and I think I will do it that way.
> But that still leaves with this
Actually, yes, I did consider that and I think I will do it that way.
But that still leaves with this problem: how to check this field after
a successful login?
On Thu, Apr 9, 2009 at 11:48 AM, Angry Coder wrote:
>
> Have you considered a separate column in your users table of
> "
Have you considered a separate column in your users table of
"accepted_eula" or "eula_version_accepted" if you want to track which
version of the EULA they have accepted?
It would be easy then to force users to re-accept if it changes and
you do not have to lose the "last_login" data if you wish
OK, it looks like one can't override login() with AuthComponent in
place. I was sure I could, and it doesn't make sense to me that I
can't. If someone knows otherwise, please advise.
So, I tried putting my code in isAuthorized().
AppController:
function beforeFilter()
{
parent::beforeFilter();
$this->Auth->allowedActions = array('eula', 'register',
'reset_password');
}
public function login()
{
if (!empty($this->data))
{
if ($this->Auth->login($this->data))
#x27;email', 'password' =>
> 'password');
> $this->Auth->userScope = array( 'User.enabled' => 1);
> $this->Auth->loginError = 'No matching user found.';
> $this->Auth->loginAction = array('control
h->userScope = array( 'User.enabled' => 1);
$this->Auth->loginError = 'No matching user found.';
$this->Auth->loginAction = array('controller' => 'users', 'action' =>
'login');
$this->Auth-&g
Yes, Logout, but first I would like the original poster to make it
work as wished for, then any further checking can be implemented on a
need basis.
Enjoy,
John
On Mar 31, 8:05 pm, logout wrote:
> I woud set $this->Auth->loginRedirect to false and check in the login
> () action
I woud set $this->Auth->loginRedirect to false and check in the login
() action if the user is logged or not. This way you can check a lot
more things (user role, etc.) and redirect the logged user wherever
you want. Oh, and one more thing, disable the browser cache for the
login form...
y thanks for the help so far. Let's try to be a bit more clear...
> that's my scenario:
>
> 1) only authenticated users have access to the site (but the login
> form, of course)
>
> for a visitor (non auth user):
> 2) example.com should redirect to example.com/users/log
In your case I would change your route "/" as I specified earlier and
in the app_controller->beforeFilter function, add:
$this->Auth->loginRedirect = array('controller' => 'foo',
'action' => 'index');
Thus when a user pr
Hello All,
Many thanks for the help so far. Let's try to be a bit more clear...
that's my scenario:
1) only authenticated users have access to the site (but the login
form, of course)
for a visitor (non auth user):
2) example.com should redirect to example.com/users/login with no
err
I misunderstood you!
My solution is to use a route, defined as:
Router::connect('/', array('controller' => 'users', 'action' =>
'logout'));
in my routes.php, thus any access at the root gives me the login form
using the users contro
Since you only mentioned a problem on the "index page" I did not go
into anything more complicated.
You can either remove it from the session before displaying the login
screen. Then it will pop up anywhere else.
Alternatively you can make an if-clause:
if ( $this-&
$this->Auth->authError = null?
But in my opinion its a real bad idea to redirect an already logged in
(!) user to a login again. That will look to the user like the app is
acting wrong and is confusing. If hes logged in but not allowed to
access a certain area he should get a notice that
o get a simple login form working. Currently when
> a visitor tries to reach '/' one is redirected to the login form,
> which is desirable, but an error message is displayed "You are not
> authorized to access that location.", which is not desirable. Any clue
> how do I
Hi Martin,
Yes I am talking exactly about that message. Changing it the way you
suggest would make it very weird to users already logged in that are
trying to access resources they are not allowed to. Also, I would like
to have no message at all... just the login form.
Thank you.
On 30 mar, 15
Hello John,
Thanks for the answer but I don't see how it could help me. Can you
please clarify ?
On 30 mar, 15:13, John Andersen wrote:
> Use thishttp://book.cakephp.org/view/385/logoutas the redirect!
--~--~-~--~~~---~--~~
You received this message because you a
That would be the authError message you are seeing.
You can set it (from AppController::beforeFilter for example) like
this:
$this->Auth->authError = 'Hi, and welcome. Please login before
proceeding.';
I have a habit of setting it to something more friendly than the
default. T
Use this http://book.cakephp.org/view/385/logout as the redirect!
Enjoy,
John
On Mar 30, 8:26 pm, iFeghali wrote:
> Hello,
>
> I have followed [1] to get a simple login form working. Currently when
> a visitor tries to reach '/' one is redirected to the login form,
>
Hello,
I have followed [1] to get a simple login form working. Currently when
a visitor tries to reach '/' one is redirected to the login form,
which is desirable, but an error message is displayed "You are not
authorized to access that location.", which is not desirabl
This should be in your AppController beforeFilter(): $this->Auth-
>loginRedirect = array('controller' => 'users', 'action' => 'cms');
Also what is $Auth, and where is it coming from?
http://www.milesj.me/blog/read/5/using-cakephps-auth-component
--~--~-~--~~~---~--~---
nds /
> family so this would restrict a user from logging in only once.
>
> So for example on login update a field in the user table LOGGEDIN to 1 and
> on logout set it to 0. So if Jeff shares his acct info with his wife and
> Jeff logs in then his wife tries to log in (it checks LOGG
I should also add, when I log in, I am redirected to my home page. And this is
obviously not correct.
--
View this message in context:
http://n2.nabble.com/Simple-Auth-Login-System-%28Code-Included%29Need-Tips-tp2547075p2547136.html
Sent from the CakePHP mailing list archive at Nabble.com
about this sensibly
and per the correct MVC pattern.
Is what I am writing logical and making sense or am I way off here?
--
View this message in context:
http://n2.nabble.com/Simple-Auth-Login-System-%28Code-Included%29Need-Tips-tp2547075p2547128.html
Sent from the CakePHP
var $components = array('Auth');
}
--
View this message in context:
http://n2.nabble.com/Simple-Auth-Login-System-%28Code-Included%29Need-Tips-tp2547075p2547094.html
Sent from the CakePHP mailing list archive at Nabble.com.
--~--~-~--~~~---~--~~
You received th
Forgot to mention:
1) My database and table are created and working OK with my script.
--
View this message in context:
http://n2.nabble.com/Simple-Auth-Login-System-%28Code-Included%29Need-Tips-tp2547075p2547080.html
Sent from the CakePHP mailing list archive at Nabble.com
dly secure system, and this
login function i have going is working.
But what I cannot resolve is:
1) How do I redirect the users to my views/cms/index once the user has logged
in? In my index controller function I tried:
$this->Auth->loginRedirect = array('controller' => '
Right on..
Thanks,
Will give that a try.
Dave
-Original Message-
From: brian [mailto:bally.z...@gmail.com]
Sent: March-26-09 8:12 PM
To: cake-php@googlegroups.com
Subject: Re: Login Security
That'd be vulnerable to locking people out because the last time they logged
in they d
to be logged in from one
> location...sounds stupid but some people share acct info with friends /
> family so this would restrict a user from logging in only once.
>
> So for example on login update a field in the user table LOGGEDIN to 1 and
> on logout set it to 0. So if Jeff shares
Just a general question.
Can I restrict a user to only allow the user to be logged in from one
location...sounds stupid but some people share acct info with friends /
family so this would restrict a user from logging in only once.
So for example on login update a field in the user table
I'm glad I could be of some help.
I wrote a ActiveDirectory authenticator in php long ago and I still
like these integrated authentications. I hope it works well for you.
Database queries are usually pretty fast and shouldn't cause you too
many problems for this type of "intranet" application.
Hello Martin,
Thank you for you answer. I had to implement my custom methods find()
and hashPassword() in the user model. I end up with:
hashPasswords:
1) find username in database
2) if username not found, fail
3) check user type. if type = "local" then return Security::hash()
4) if type = "nis
You can do that easily enough by overriding the find method in User
and/or adding a hook to afterFind or beforeFind.
function beforeFind($query){
if ( you think this is a login "find" ) {
if ($this->nisAuthenticate($uname,$pass)) {
Ok just took a look again at Auth source code. $authorize is not
useful for me for the reason said in the last email. $authenticate is
used only for the hashPasswords() method so its not helpful in my case
too. Perhaps I am looking for a way of changing the method
Auth::identify() but I don't want
Hello Martin,
Thank you for your answer. Yes I did found the LDAP examples around
the Net and Bakery but still I can't understand how the whole thing
works. I also read about the isAuthorized() method but as far as i
understand it its just supposed to do the "authorization" stuff and
not "authent
llo There,
>
> I want to authenticate my users against a database table or a NIS
> domain, depending on a flag set in the user record. I have noticed
> that Auth already did the form processing in the time the login()
> method of users controller is called so i guess its not the rig
Hello There,
I want to authenticate my users against a database table or a NIS
domain, depending on a flag set in the user record. I have noticed
that Auth already did the form processing in the time the login()
method of users controller is called so i guess its not the right
place to digg into
Hi,
I need help with the enlargement of the Auth component.
The following problem or scenario, I would like to bind: User can
login with two browsers on my website twice, since each browser writes
a cookie.
I want to teach the login-action before Login to check whether the IP
address has a
I have the Auth component working correctly on my development site
(localhost).
I have a problem when I try to use it on my production server. If I
try to access /users/login, I am sent to a 404 page (my web hosts, not
a CakePHP page).
I have a very simple Auth configuration; I'm usin
Thank you very much!
This solved the problem :)
On Mar 7, 3:08 pm, Dardo Sordi Bogado wrote:
> set $this->Auth->autoRedirect = false; and then handle the redirect in
> the login() function: $this->redirect($this->Auth->redirect());
>
> On Sat, Mar 7, 2009
set $this->Auth->autoRedirect = false; and then handle the redirect in
the login() function: $this->redirect($this->Auth->redirect());
On Sat, Mar 7, 2009 at 8:55 PM, calzone wrote:
>
> There seems to be an issue with cake 1.2.1.8004 relative to 1.2.0.7692
> RC3 beca
There seems to be an issue with cake 1.2.1.8004 relative to 1.2.0.7692
RC3 because I am using the exact same login routines for both on two
different apps and in the older version, the code gets processed
during the login.
Under 1.2.1.8004 no code I put inside the login() function gets
processed
Have a look at this tutorial
http://www.studiocanaria.com/articles/cakephp_auth_component_users_groups_permissions_revisited
2009/2/27 Dhana
>
> Is it possible to secure the admin_path so that regular users don't
> have access to it? I am already using the Auth component for
Is it possible to secure the admin_path so that regular users don't
have access to it? I am already using the Auth component for a user
login where they can perform their user tasks. But I would also like
to have an admin that can see all the users stuff. The prefix routing
works fi
$this->Auth->allow('index');
$this->Auth->allow('view');
$this->Auth->loginRedirect = array('controller' => 'users',
'action' => 'secure');
$
th, no more
> exists after theredirect.
>
> Regards,
> Nirbhab
Hi Nirbhab,
Try show us some code, where you are having this problem! For example,
where you define the Auth usage and where you define the login
redirect, and the login action.
Best wishes,
John
--~--~-~--~
ging by putting logging statements in your code step by step and
> see what you get.
>
> $this->log('yayaya');
>
> And you can check them inside app/tmp/logs/
>
> Cheers,
> Adam
>
> - Original Message -
> From: "benjam"
> To: "CakePHP&qu
Hey All,
I am using AUTH component, after a successfully login, page is
redirected to the redirect url.
But i am not able to login, coz the session for the user doesn't
exists.
means the the session set by the Login function of Auth, no more
exists after the redirect.
Regards,
Ni
Hello!
Did anyone encounter this problem? Unable to login and out with the
same account successively multiple times?
I am using Auth for authentication for my application. Setup with help
from
http://www.studiocanaria.com/articles/cakephp_auth_component_users_groups_permissions_revisited
But
, 2009 8:15 PM
Subject: Debug off denies access to login page
>
> I have a site that uses ACL and Auth to control access to the admin
> portion of the site, as well as one other non-admin page.
>
> When I have debug set to 2, I can log in and access the admin fine,
> and whe
ry to access the admin section, it
redirects me to the login page (as it should), but then gives me a 404
on the login page.
I don't have any debug specific code anywhere, so I can't seem to put
my finger on why this may be happening. And the real kicker is, it
only happens when debug is
Hello together,
now i'm at the point that somebody should register on my system. There
a little problem, because the add action in my user controller need an
login, thats pointless.
in my entries Controller is an action
isAuthorized where i define the 'allows' which run without
Last night I spend a little more research on it and brought up a new
keyword, that describes this issue in more common terms:
"thread safe" application design.
I found some blog entries among thread safe tabbed browsing design...
http://coding.derkeiler.com/Archive/PHP/comp.lang.php/2005-04/msg0
On Feb 16, 12:22 am, hashmich wrote:
> Yyyess, you're right.
> But... I also have a less complicated reason to think about it:
> If my user has one (or many :o) brother (they haven't got each an own
> computer), he might open a new tab for him to do what ever he has to
> do in my app. After tha
Are your sessions tied to cookies or the database?
I'm new to this issue, but I remember coming across this concern
previously too, and had to open one FireFox and one IE whenever there
are 2 users.
I suspect the newer google chrome may have a solution directly for
this, as it handles each tab as
Then the brothers should just logout and then log back in.
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group
x27;m looking for information to build the following:
> > A possibility to allow more than one user to login my application
> > within different browser-tabs, but sharing only one browser-window on
> > one terminal.
>
> > The current behavior I have is (I'm using the bu
Hi Bjorn,
I experienced similar strange behavior, when I didn't log out before
logging in again.
If $this->Session->read('Auth.User.id') is still valid,
the login-action seems not to be performed, because it's not
necessary. Same happens then to the redirect.
Be sure t
Hi,
I just updated to version 8004 from 7296 and now I have problem with
logging in.
In my beforeFilter in app_controller I have the following
$this->Auth->loginAction = array('controller' => 'users',
'action' => 'login');
This sounds Craazzyyy dont do it
On Feb 15, 4:10 pm, hashmich wrote:
> Hi there,
>
> I'm looking for information to build the following:
> A possibility to allow more than one user to login my application
> within different browser-tabs, but sharing only one browser-wind
Hi there,
I'm looking for information to build the following:
A possibility to allow more than one user to login my application
within different browser-tabs, but sharing only one browser-window on
one terminal.
The current behavior I have is (I'm using the built in Auth-Comp of
Everything looks ok. And I guess something as follow:
1.
Is your users table has both username and password fields.
2.
How about the hash password stored after registration action.
3.
Try this code in Users::login action, you should remove comment at
//print_r($user) for debug
if(!empty($this
oops, sorry, was in a rush to leave for work didnt have time to post
it.
The login function is empty, which according to the docs on the auth
component, thats the way its supposed to be since auth does it all.
my config for auth in the AppController is:
var $components = array('
Can we see your login action() and all the config for auth.
On Feb 10, 1:29 pm, Dcahrakos wrote:
> Hi,
>
> I am using the Auth component for registration and login, registration
> is working perfectly, but login doesnt seem to be doing anything at
> all,
>
> I ha
Hi,
I am using the Auth component for registration and login, registration
is working perfectly, but login doesnt seem to be doing anything at
all,
I have Auth loaded in the AppController since I will be using it site
wide, however when I try to log in I just return to the login page
because
http://bakery.cakephp.org/articles/view/ldap-models-in-cakephp
was the place I got LdapUser model guide. Certainly, my app could not apply
this (because my database scripts is different). I make inheritance from it
only.
I'm new in cakePHP Framework, but I think it's great. How about you ? How
lon
On Fri, Feb 6, 2009 at 1:18 AM, Son Dat Giang wrote:
> Many thanks to Servat and Weldon for giving me easier ways to solve my
> problem.
>
You're welcome.
Have you got any experience about LdapUser & SSO ?
>
SSO very little ... and some LdapUser experience. Err, where did you get
LdapUser from
Many thanks to Servat and Weldon for giving me easier ways to solve my
problem.
Yeah, login have username and password always. But my project uses SSO
(using Active Directory and LdapUser). Right now, I have no Active Directory
to connect to, so my password field is disabled and that is the reason
On Thu, Feb 5, 2009 at 11:49 PM, datgs wrote:
>
> Hi everybody,
>
> I've had to rewrite code in AuthComponent class to login with username
> only.
>
> Was it the best way for my purpose. Is there any way without changing
> the code in AuthComponent.
>
I had to
login, or use a hidden
field (since you dont really need passwords, making the password completely
readable, but hidden on the form, would not pose a security risk, really).
So, on the UsersController, afterSave() update the password to be some
generic password.
And on your login form:
input
Hi everybody,
I've had to rewrite code in AuthComponent class to login with username
only.
Was it the best way for my purpose. Is there any way without changing
the code in AuthComponent.
Thanks,
--~--~-~--~~~---~--~~
You received this message because yo
Though my research,
if I use the (http://www.mysite.com), I can login very good[ in the status
of have no cookie]
but use the (http://mysite.com), i cann't login [in the status of have
no cookie.]
the error is user or password is not found
2009/2/5 Rimoe
> Hi,
>
Hi,
everyone.
when use the Configure::write('debug', 2);I don't want to print the debug
info to the web page,
I want to print the debug info to other file.
can i do this?
I can't to login use the (auth), anything info can 'echo' to tell me, why is
it that can
#x27;Cache.disable', true);]
Thanks
2009/2/4 Esoteric
>
> First http://book.cakephp.org/view/172/Authentication has the perfect
> example of how to just get login working, though I think you were
> saying you have that working.
>
> Next, use the session component instead of i
First http://book.cakephp.org/view/172/Authentication has the perfect
example of how to just get login working, though I think you were
saying you have that working.
Next, use the session component instead of interacting with php build
in session functions this allows everything to stay in
Yes, when login , I have no use the Auth->login(),but when add user, i must
use the Auth->login(),
my php version is php4.3
when I set ['session.use_cookies', 0 ] in session.php,
I can't log in.
Thanks for your answer.
by the way, dou you know why is it I can&
You do not use Auth->login(), its automatic.
http://www.milesj.me/blog/read/5/using-cakephps-auth-component
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send
on.use_cookies', 0);//changed the value
ini_set('session.name', Configure::read('Session.cookie'));
ini_set('session.cookie_lifetime', $this->cookieLifeTime);
ini_set('session.cookie_path', $this->path);
ini_set('session.auto_start', 0);
hi,groups,
I can't use the cookies,
how can I use the ($this->Auth->login($this->data))to login.
Thanks
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group
->params['action'] == 'login' check for
> $this->data['User']['username'] and, if it's empty (and email isn't)
> do"
>
> $this->data['User']['username'] $this->data['User']['email'];
>
&g
I suppose you could put the logic in beforeFilter(). If the
$this->params['action'] == 'login' check for
$this->data['User']['username'] and, if it's empty (and email isn't)
do"
$this->data['User']['username']
Hi,
I was wondering if anyone knows how to set the Auth component to allow
login using either:
Email + Password
OR
Username + Password
I have seen lots of site that do this but can't work out how to do it
in Cake.
I have tried the below which doesn't wo
omain 2 is
>
> CAKEPHP=7670a7495b4cefddf78b50621c60c7bc
>
> so the session's setting are different.
> how to let the domain 2 is like the domain 1 that take the long parameter.
>
> I think this can be set in core.php
>
> but I don't know , it's which one,
e
> add,
> in the PC, 2 domain can been login very good.
>
>
>
> 2009/2/3 Rimoe
>
> hi,
>>
>> everyone.
>>
>> I have used 2 domain to view my site by mobile,
>>
>> The domain 1 can been login.
>> but the domain 2 can't been log
add,
in the PC, 2 domain can been login very good.
2009/2/3 Rimoe
> hi,
>
> everyone.
>
> I have used 2 domain to view my site by mobile,
>
> The domain 1 can been login.
> but the domain 2 can't been login.
>
> I think the cause is apache's config
hi,
everyone.
I have used 2 domain to view my site by mobile,
The domain 1 can been login.
but the domain 2 can't been login.
I think the cause is apache's config
which one apache setting is wrong,
I don't know.
If you know,please tell me, Thank you ver
> Any existing solutions out there? I've read mentions of things like
> obAuth -- is that the way to go?
Hi,
exactly my problem... Yesterday I tried dAuth - seems to be well
suited for Version 1.1
but causes amazing errors in (my) version 1.2.1.8004.
The first thing were troubles with the ht
array
> ('validate' => 'first'))
>
> If one of the validations in the News or Link data-set fails, it all
> works fine, shows the errors, etc. However, if I try to re-submit, the
> form with the error, the application freaks out and kills my
> Authenticated
dations in the News or Link data-set fails, it all
works fine, shows the errors, etc. However, if I try to re-submit, the
form with the error, the application freaks out and kills my
Authenticated session, prompting me to login again - the AuthMessage I
see is that I do not have permission to acc
I suppose, if Auth->authorize = 'controller', you could put this in
your UserController::isAuthorized() method. Just be sure to return
true. Alternatively, I guess you could put it in afterFilter() and do
this only when the action is login.
Or, you could just add it into the e
Hello everyone,
Do you know how I can add a saveField action right after a succesful
login using Auth?
I would like to update the User.last_visit with the current date just
after the user is logged in. Do I have to rewrite the login function
in the users_controller or is there another way
On Jan 24, 10:22 pm, Miles J wrote:
> The Auth component takes care of login/logout, session and security
> control, etc.
>
> You would have to manually build the registration and other pages, but
> its relatively simple.
>
> On Jan 24, 1:52 pm, WillieBHines wrote:
>
>
The Auth component takes care of login/logout, session and security
control, etc.
You would have to manually build the registration and other pages, but
its relatively simple.
On Jan 24, 1:52 pm, WillieBHines wrote:
> Many applications I build require a way for users to register, log
Many applications I build require a way for users to register, log in,
find forgotten passwords -- and often have their initial registration
validated via email.
Any existing solutions out there? I've read mentions of things like
obAuth -- is that the way to go?
Thanks!
--~--~-~--~~
Have the homepage login forms action destination go to the users
login:
// homepage
--~--~-~--~~~---~--~~
You received this message because you are subscribed to the Google Groups
"CakePHP" group.
To post to this group, send email to cake-php@googlegro
Henrique Machado wrote:
> I need to provide an access count to my users
>
> Like "This is you 4 time here"
>
> I'm using the Auth component, my doubt is where put my
>
> $this->User->updateAll(array('User.access'=> 'User.access+1'),
> array('User.id' => $user['User']['id']));
>
> I need to be sur
901 - 1000 of 1395 matches
Mail list logo