Though my app has substantially more models and actions than the Simple ACL Controlled Application on the Cake main site, I've followed it to the letter but for one or two slight additions. All the same, I can't authorize any login actions and I don't understand why. Any help here would be hugely helpful, I've been pouring over the API, similar stackOverflow questions, etc. and am properly stuck. Below is the pertinent code from
- AppController
- Users Controllers
- User Model
- Users.login View
- Groups Controller
- Group Model
Update - Solved
If this helps, following from this answer on stackOverflow, I gave this a whirl:
pr(AuthComponent::password($this->data[$this->alias]['password']));
before calling $this->Auth->login() and, sure enough, the password hash doesn't match (at all) the one in my database. Upon closer inspection, my password field was restricted to 32 characters when in fact it needed 36. Real facepalm moment.
1. AppController
class AppController extends Controller {
public $components = array( 'Session',
'Quick',
'Acl',
'Auth' => array(
'loginAction' => array('controller' => 'users', 'action' => 'login'),
'authenticate' => array(
'Form'=> array(
'fields' => array(
'username' => 'email',
'password' => 'password'))),
'authorize' => array(
'Actions' => array('actionPath' => 'controllers')
)
)
);
public $helpers = array( 'Html', 'Form', 'Session', "Js"=>array("SafejQuery"), "Foundation");
public function beforeFilter() {
$this->Auth->allow('display');
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
$this->Auth->logoutRedirect = array('controller' => 'pages', 'action' => 'home');
$this->Auth->loginRedirect = array('controller' => 'users', 'action' => 'home');
}
}
2. Users Controller
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('index','view');
}
public function login() {
if ($this->request->is('post')) {
if ($this->Auth->login()) {
return $this->redirect($this->Auth->redirectUrl());
}
$this->Session->setFlash(__('Your username or password was incorrect.'));
}
}
public function logout() {
$this->Session->setFlash('Good-Bye');
$this->redirect($this->Auth->logout());
}
/* USED FOR ACL ASSIGNMENT ONLY */
public function initDB() {
$group = $this->User->Group;
$group->id = ADMINISTRATOR_ID;
$this->Acl->allow($group, 'controllers');
$group->id = EDUCATOR_ID;
$this->Acl->allow($group, 'controllers');
$group->id = STUDENT_ID;
$this->Acl->deny($group, 'controllers');
$this->Acl->allow($group, 'controllers/Users/home');
$this->Acl->allow($group, 'controllers/Modules/run');
$this->Acl->allow($group, 'controllers/Modules/consent');
echo "all done";
exit;
}
3. User Model
// $belongsTo built with bake, but present
public $actsAs = array('Acl' => array('type' => 'requester'));
public function beforeSave($options = array()) {
/* Note: I tried to use the SimplePasswordHasher object as per the 2.4 API,
* but the class wasn't found (but does exist at
* lib/Cake/Controller/Component/Auth/SimplePasswordHasher.php */
$this->data['User']['password'] = AuthComponent::password($this->data['User']['password']);
return true;
}
public function bindNode() {
$data = AuthComponent::user();
return array('model' => 'Group', 'foreign_key' => $data['User']['group_id']);
}
public function parentNode() {
if (!$this->id && empty($this->data)) {
return null;
}
if (isset($this->data['User']['group_id'])) {
$groupId = $this->data['User']['group_id'];
} else {
$groupId = $this->field('group_id');
}
if (!$groupId) {
return null;
} else {
return array('Group' => array('id' => $groupId));
}
}
4. User.login View
<h2>Login</h2>
<?php
echo $this->Form->create('User', array('url' => array('controller' => 'users', 'action' => 'login')));
echo $this->Form->input('User.email');
echo $this->Form->input('User.password');
echo $this->Form->end('Login');
?>
5. Groups Controller
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('index','view');
}
6. Group Model
public $actsAs = array('Acl' => array('type' => 'requester'));
public function parentNode() {
return null;
}