A great addition to CakePHP 1.2 is the AuthComponent. It's designed to handle authentication and optionally authorization using the built-in ACL component (DB_ACL or INI_ACL) or your custom component. I'll cover the authentication in this article - authorization will be covered on the SimpleAclComponent page.
So let's start with the basics. To use it, you must include the component in your AppController (if you use Acl, it has to be listed before the Auth component):
var $components = array('Auth');
Now we want to initialize the AuthComponent and set some options. The best place for this is the AppController beforeFilter() callback:
function beforeFilter() {
    parent::beforeFilter();
    if (isset($this->Auth)) {
        // the authorization type (covered below)
        $this->Auth->authorize = null;
        // the rest is optional - you don't need to specify these if the defaults are OK for you
        // additional conditions for the find query; here the user has to be verified in order to be able to log in
        $this->Auth->userScope = array('User.verified' => 1);
        // the action that is used for login (defaults to '/users/login')
        $this->Auth->loginAction = '/users/login';
        // the error that is shown to the user when they supply the wrong credentials (in Polish)
        $this->Auth->loginError = 'Błąd logowania. Nieprawdłowa nazwa użytkownika lub hasło.';
        // the error that is shown to the user when they don't have access to an action (in Polish)
        $this->Auth->authError = 'Brak dostępu.';
        // where to redirect after login
        $this->Auth->loginRedirect = '/users/account';
        // name of the model that holds the username/password (defaults to 'User')
        $this->Auth->userModel = 'User';
        // fields that hold the username and password (you must specify both, or set a single key, e.g. $this->Auth->fields['password'] = 'passwd';)
        $this->Auth->fields = array('username' => 'username', 'password' => 'password');
    }
}
Look at the CakePHP API to see the defaults.
I usually add something along these lines in AppController::beforeRender():
function beforeRender() {
    parent::beforeRender();
    // expose the logged-in user's data (if any) to every view as $User
    $user = $this->Auth->user();
    $this->set('User', $user[$this->Auth->userModel]);
}
This gives me access to the currently logged-in user's data in the view. The username is user-supplied, so escape it with h() on output. You just need to do:
You're logged as <?php echo h($User['username']); ?>
In AuthComponent there are different authorization methods ($this->Auth->authorize):
In the above calls $aco is a user array (note: it doesn't contain the user password):
$aco = array('id' => 1, 'username' => 'test', 'verified' => 1);
Here is the code for the login action in your UsersController (yes, it is complete ;):
function login(){}
And here is the view:
<h2>Login</h2>
<?php echo $form->create('User', array('action' => 'login')); ?>
<fieldset class="form">
    <?php echo $form->input('User.username'); ?>
    <?php echo $form->input('User.password'); ?>
    <?php echo $form->submit('Submit', array('class' => 'submit')); ?>
</fieldset>
</form>
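The login() action can stay empty because the component performs the lookup itself when this form is posted. The following plain-PHP sketch is an added example, not CakePHP's or the author's code: it models how the fields and userScope settings combine and why the returned user array carries no password. The identify() helper and the sample rows are hypothetical, and password_hash() stands in for CakePHP's own hashing.

```php
<?php
// Plain-PHP model (not CakePHP code) of a login lookup with userScope.

// Constructed sample rows standing in for the users table.
$users = array(
    array('id' => 1, 'username' => 'test', 'verified' => 1,
        'password' => password_hash('s3cret', PASSWORD_DEFAULT)),
    array('id' => 2, 'username' => 'pending', 'verified' => 0,
        'password' => password_hash('hunter2', PASSWORD_DEFAULT)),
);

// Hypothetical helper: returns the user row without its password,
// or null when the credentials or any scope condition fail.
function identify(array $users, array $fields, array $scope, $username, $password)
{
    $match = null;
    foreach ($users as $row) {
        if ($row[$fields['username']] === $username) {
            $match = $row;
            break;
        }
    }
    // Verify against a throwaway hash when the user is unknown, so both
    // failure paths do comparable work and give the same answer.
    $hash = $match ? $match[$fields['password']] : password_hash('x', PASSWORD_DEFAULT);
    if (!password_verify($password, $hash) || $match === null) {
        return null;
    }
    foreach ($scope as $key => $expected) {
        $parts = explode('.', $key);   // 'User.verified' -> 'verified'
        $column = end($parts);
        if (!isset($match[$column]) || $match[$column] != $expected) {
            return null;               // right password, but outside the scope
        }
    }
    unset($match[$fields['password']]); // the hash never reaches session or view
    return $match;
}

$fields = array('username' => 'username', 'password' => 'password');
$scope  = array('User.verified' => 1);

var_dump(identify($users, $fields, $scope, 'test', 's3cret'));     // valid, verified user
var_dump(identify($users, $fields, $scope, 'test', 'wrong'));      // wrong password
var_dump(identify($users, $fields, $scope, 'pending', 'hunter2')); // verified = 0
```

All three failure causes return the same null, which matches showing one generic loginError instead of telling the visitor which part was wrong.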
Now you have a basic AuthComponent working. For the authorization (i.e. checking if the user is allowed to view the page) go to SimpleAclComponent.
I encourage you to read some nice tutorials about AuthComponent and access control using the powerful ACL built into Cake. It's much more powerful than the SimpleAclComponent I've written: Using AuthComponent and Acl in CakePHP 1.2; Using AclBehavior in CakePHP 1.2; Acl with Groups.
— Marcin Domanski 2007/12/04 10:28