This is the second installment of my Auth Component Tutorial. I included a link to download a file in the first installment:
CakePHP Auth 1 (4.3 KB, 1,640 hits)
I just think that some of the stuff in there warrants some explanation.
isAuthorized()
This function is needed when $this->Auth->authorize = 'controller'. In theory, you can do something similar in app_model if $this->Auth->authorize = 'model', but I haven’t looked into this.
The thing that confused me about this is that I thought you were required to perform your own validation. But oh no, this is additional authorization. Sort of like what beforeSave() does, where you can cancel the save after the validation. isAuthorized() is performed after the user has been logged in. If you need some additional checks after that, you can put them in there. I’m not sure why it doesn’t default to return true like beforeSave() (if everything goes well), but if it’s not present, it errors out.
$this->Auth->user('group_id')
In my User Model I have a field called group_id. So you guessed it, this just returns the group_id of the user that’s logged in. Things couldn’t be simpler.
$this->Auth->userScope = array('User.active' => 1)
userScope is simply an added set of conditions, and it behaves exactly the same way that $conditions works with the Model::find() function. So what I’ve got above says that the user must be active to log in.
So there you go. Happy Baking!
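The three pieces above combined in one app_controller.php, as an added example that is not the code from the download: it assumes the group IDs mentioned in the comments below (admin 0, editor 1) and a hypothetical $adminOnlyActions list. Because admin is group 0, the group_id is checked for a missing value before it is compared, and anything unrecognised is denied.

```php
<?php
// app_controller.php (added example, CakePHP 1.2-era syntax)
class AppController extends Controller {
    var $components = array('Auth');

    // Hypothetical list: actions that only the admin group may run.
    var $adminOnlyActions = array('add', 'edit', 'delete');

    function beforeFilter() {
        // Have Auth call isAuthorized() on the controller once the user is logged in.
        $this->Auth->authorize = 'controller';
        // Extra find()-style conditions applied at login: inactive users cannot log in.
        $this->Auth->userScope = array('User.active' => 1);
    }

    function isAuthorized() {
        $groupId = $this->Auth->user('group_id');

        // Admin is group 0 in this scheme, so reject a missing value before
        // comparing anything: in PHP, null == 0 evaluates to true.
        if ($groupId === null || !is_numeric($groupId)) {
            return false;
        }
        $groupId = (int)$groupId; // values read back from the session are often strings

        if ($groupId === 0) {
            return true; // admin: every action
        }
        if ($groupId === 1) {
            // editor: everything except the admin-only actions
            return !in_array($this->action, $this->adminOnlyActions);
        }
        return false; // unknown group: deny by default
    }
}
?>
```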

You wrote “The thing that confused me about this is that I thought you were required to perform your own validation. But oh no, this is additional authorization”
I think you are mixing Authentication and Authorization here - Logging in is Authentication and deciding if a particular action is allowed or not is Authorization - in other words Authorization is more related to Access Control (ACL) than Auth
Anyways - great effort!
Tarique Sani, on January 11th, 2008 at 7:53 pm
No, I got it right. At the point that isAuthorized() is called, the user is already logged in, so it is performing authorization. It is called isAuthorized, after all.
Baz L, on January 11th, 2008 at 9:10 pm
This is cool, I was wondering what isAuthorized() was for. Thank you for clearing it up.
Marc, on February 15th, 2008 at 1:16 pm
I really like your site, I was attempting to add to my favorites in entrecard and I got a serious bug message… I’m so happy to see my own web app is not the only one. In my app those generic msgs come out when somebody manages to get an ill formed query past the data validators. Oops. I’ll try again, I know they just did an update and messed up all the ad prices.
Colleen Dick, on April 14th, 2008 at 10:06 am
Hi kevin,
Is this site all dedicated to CakePHP? or do you try other frameworks as well. I have tried Codeigniter, seems simpler to me. Anyway i will add you to my fav list on entrecard since we share the same interest in the field of programming.
Regards
Roy L. Besiera, on April 17th, 2008 at 3:56 am
Thank you…

I really need that…
yosax, on April 23rd, 2008 at 12:25 pm
With respect to the group_id field in your User model…
From reading a whole slew of tutorials on this, I’m slightly confused. Does the ACL handle the group name and ID, or should a separate model be created to maintain an associated Group model?
It’s just that you say $this->Auth->user('group_id') returns the user’s group id, and it’s “that simple”, but what good is this group_id for exactly? Is it being used with ACL, for your own purposes…what?
Also, although I can look it up (and probably will, but for others who are reading here) does the $this->Auth->user() method allow you to get information on ANY field from the user model, or is it specific to information for the Auth component (since it’s called via the Auth class)?
Brendon Kozlowski, on May 1st, 2008 at 4:33 pm
Noooooo, ACL is a whole other animal. I simply have a basic Model for Group and go based off of the ID: admin - 0, editor - 1, etc. The user can’t edit these things. And if you delete the admin group (which I don’t allow) and later recreate it (thus pushing the ID to something other than 0), then you’re screwed. This is just my very simple method of grouping things.
ACL is all cool and dynamic and complicated. Sorry, maybe I’d get to it some time in the future when/if I understand it.
$this->Auth->user() returns the entire user Model in an array if you don’t specify a key.
Hope that clarifies things.
Baz L, on May 1st, 2008 at 5:36 pm
It does clarify, thank you Baz! Thank you for the simple write ups as well, I’m sure it will be useful to others as time goes on (assuming it’s not changed much before the non-beta release).
Brendon Kozlowski, on May 2nd, 2008 at 8:31 am
ThanX. I appreciate it.
It’s just that I remember the great feeling of that lil’ light bulb going off in my head when Chris, TommyO and Gwoo helped me to understand this for the first time.
I’m just trying to share that.
Baz L, on May 2nd, 2008 at 8:34 am