function beforeFilter()
{
    //Change hashing function to md5
    Security::setHash('md5');
    //Set password field as passwd
    $this->Auth->fields = array('username'=>'username', 'password'=>'passwd');
    //Explicitly set session key so that we can use AuthHelper (read below for more details)
    $this->Auth->sessionKey = 'SomeRandomStringValueThatMakesSenseToYou';
    //Set authSessionKey to be used by AuthHelper
    $this->set('authSessionKey', $this->Auth->sessionKey);
}
- By default, the OthAuth component uses md5 hashing whereas CakePHP uses SHA1 hashing. Currently, passwords in my database are md5 hashed, hence I am forcing CakePHP to use md5 by calling the Security::setHash method.
- Also, note that CakePHP uses the “Session.salt” value along with md5 hashing. The OthAuth component had no such feature. Because of this, the hashed password values returned by the OthAuth and Auth components will differ, even if both components are set to use md5. To make sure that the two password values match, change the Session.salt value in app/config/core.php to an empty string.
- The last two lines are not necessary but are important to minimize changes in Views. They are required to use AuthHelper (see below).
- By default, CakePHP uses Auth.{$userModel} as the session key and, if not explicitly specified, it leaves the sessionKey variable as null. I guess this is a bug in Auth Component as it causes inconsistency in the logic. To overcome this inconsistency, I am explicitly setting sessionKey in line 3 and passing it to the view in line 4. Now, using this variable, AuthHelper can fetch user information.
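An added example (not from the original post, and not CakePHP's own code): plain PHP showing why a salted hash never matches OthAuth's unsalted md5 values, and an alternative that keeps the salt by accepting a legacy hash once at login and returning a salted replacement to store. Function names and sample values are hypothetical; it assumes the salt is prepended to the password before hashing, and PHP 5.6+ for hash_equals.

```php
<?php
// Added example, not CakePHP code: function names and sample values are hypothetical.

// Salted hash in the style described above. Assumption: the application salt
// is prepended to the password before hashing.
function saltedHash($password, $salt, $algo)
{
    return hash($algo, $salt . $password);
}

// Verify a login against the stored hash.
// Returns array($ok, $replacement): $replacement is the salted hash to write
// back when the stored value was still a legacy unsalted md5, otherwise null.
function checkLogin($password, $stored, $salt, $algo = 'sha1')
{
    $current = saltedHash($password, $salt, $algo);
    if (hash_equals($stored, $current)) {
        return array(true, null);          // already on the salted scheme
    }
    if (hash_equals($stored, md5($password))) {
        return array(true, $current);      // legacy row: accept once, then upgrade
    }
    return array(false, null);
}

// Constructed sample data.
$salt   = 'constructed-sample-salt';
$legacy = md5('s3cret');                   // what OthAuth would have stored

// Same algorithm, with and without a salt, compared with the legacy value.
printf("md5 with salt matches legacy:  %s\n",
    var_export(hash_equals($legacy, saltedHash('s3cret', $salt, 'md5')), true));
printf("md5 empty salt matches legacy: %s\n",
    var_export(hash_equals($legacy, saltedHash('s3cret', '', 'md5')), true));

// First login after migration: legacy hash accepted, replacement returned.
list($ok, $replacement) = checkLogin('s3cret', $legacy, $salt);
printf("legacy login ok: %s, upgrade needed: %s\n",
    var_export($ok, true), var_export($replacement !== null, true));

// Next login: the stored value is now the salted hash, nothing to upgrade.
list($ok, $again) = checkLogin('s3cret', $replacement, $salt);
printf("upgraded login ok: %s, upgrade needed: %s\n",
    var_export($ok, true), var_export($again !== null, true));

// A wrong password fails against either scheme.
list($ok) = checkLogin('wrong', $legacy, $salt);
printf("wrong password ok: %s\n", var_export($ok, true));
```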
function beforeFilter(){
    parent::beforeFilter();
    $this->Auth->allow = array('list of function that should be allowed to non registered users');
}

function beforeFilter(){
    parent::beforeFilter();
    $this->Auth->allow = array('*'); // * indicates allow all
    $this->Auth->deny = array('add', 'edit'); //deny add and edit methods
}
<?php
/*
 * This helper provides access to user parameters such as username, id, etc., of the currently logged in user
 * Send comments and feature requests to ragrawal at gmail dot com
 * @author – Ritesh Agrawal
 * @version 0.1.0
 * @license MIT
 */
class AuthHelper extends Helper {
    var $hashKey = null;
    var $initialized = false;
    var $helpers = array('Session');

    // Look up the session key that the controller passed to the view as authSessionKey
    function init() {
        if (!$this->initialized) {
            if (!isset($this->view)) {
                $this->view =& ClassRegistry::getObject('view');
            }
            if (!empty($this->view->viewVars['authSessionKey'])) {
                $this->hashKey = $this->view->viewVars['authSessionKey'];
            }
            $this->initialized = true;
        }
    }

    // True when the session holds data under the Auth session key
    function sessionValid() {
        $this->init();
        return ($this->Session->check($this->hashKey));
    }

    // Get User Variables
    function user($key) {
        $this->init();
        // does the session exist
        if ($this->sessionValid()) {
            $user = $this->Session->read($this->hashKey);
            if (isset($user[$key])) {
                return $user[$key];
            }
        }
        return false;
    }
}
?>
$othAuth->sessionValid with $auth->sessionValid and $othAuth->user with $auth->user, etc.
References:
The CakePHP cookbook has a well-documented section on the Auth component.