May
9
Disclaimer: These are primarily notes for myself as I get accustomed to CakePHP's (v1.2) authentication and ACL. I've been building a website and wanted to finally make use of CakePHP before I start using it for the library's CMS. A CMS is a large undertaking and I don't want to go into it "cold-turkey", so I came up with some side-project to help me understand the framework a bit better. All in all, it truly is an extremely rapid development tool.
I decided not to go with ExpressionEngine or Drupal simply because I'd still have to take time to learn those systems and make modules or extensions within those languages - and there's no guarantee I'd be able to do what I'd need to do with them. If I build it myself, it would take just about the same amount of time with Cake. Anyway, to continue...
I decided not to go with ExpressionEngine or Drupal simply because I'd still have to take time to learn those systems and make modules or extensions within those languages - and there's no guarantee I'd be able to do what I'd need to do with them. If I build it myself, it would take just about the same amount of time with Cake. Anyway, to continue...
Once ready, to enable the ACL, one would run:
cake schema run create DbAcl
If the entire site will be using Authentication (and will be run off controllers and respective views), create a file app_controller.php in the app (project name) root; app_controller.php should simply extend controller:
Within the app_controller.php file, you'll want to add the Auth component. For my current project I also want to allow viewing of each controller's index and view actions, so I added that into my beforeFilter...
When using Auth, it expects (by default) you to use a model named users with a username and password field. This can be overridden, but because this post is more for my own records, if you're interested you can read more about that here in the Cake Cookbook (documentation page on Authentication). So in my UsersController I need to add two actions: login and logout - as UsersController extends AppController, unless I need more different components, I do not need to redeclare the component variable for Auth...if I did need to add more, it will automatically override the extended property from AppController, so I'd have to explicitly use Auth here as well.
Luckily the Auth component has its own login and logout methods, they simply need to be declared within the UsersController so they can be used. The logout action requires a small amount of logic. The login action can be used for further authentication details and associations, but I'm not going to use it, so read the documentation. Below are my two actions within the UsersController:
I also added my own beforeFilter to allow users access to register (with the default model action of "add" in my project, so User/add):
All that's left is to create a simple form for the login method in my views folder, under the users folder - login.ctp:
The simple form above is found within the documentation on the Cake Cookbook, I didn't need any further improvement...I'm also still building up from a skeletal bake build, so I've got a ways to go yet, but all major functionality is still here (for my entire application) and it took about 2 hours from finishing up the database layout to creating the fully interactive website and user authentication. Now if I can just figure out Cake's ACL and how I personally want to go about it...there are a few different ways it's been implemented from the tutorials I've seen. For the less inclined, I'd suggest going with DarkAuth instead of Cake's own implementation (at this time).
If the entire site will be using Authentication (and will be run off controllers and respective views), create a file app_controller.php in the app (project name) root; app_controller.php should simply extend controller:
Within the app_controller.php file, you'll want to add the Auth component. For my current project I also want to allow viewing of each controller's index and view actions, so I added that into my beforeFilter...
When using Auth, it expects (by default) you to use a model named users with a username and password field. This can be overridden, but because this post is more for my own records, if you're interested you can read more about that here in the Cake Cookbook (documentation page on Authentication). So in my UsersController I need to add two actions: login and logout - as UsersController extends AppController, unless I need more different components, I do not need to redeclare the component variable for Auth...if I did need to add more, it will automatically override the extended property from AppController, so I'd have to explicitly use Auth here as well.
Luckily the Auth component has its own login and logout methods, they simply need to be declared within the UsersController so they can be used. The logout action requires a small amount of logic. The login action can be used for further authentication details and associations, but I'm not going to use it, so read the documentation. Below are my two actions within the UsersController:
I also added my own beforeFilter to allow users access to register (with the default model action of "add" in my project, so User/add):
All that's left is to create a simple form for the login method in my views folder, under the users folder - login.ctp:
The simple form above is found within the documentation on the Cake Cookbook, I didn't need any further improvement...I'm also still building up from a skeletal bake build, so I've got a ways to go yet, but all major functionality is still here (for my entire application) and it took about 2 hours from finishing up the database layout to creating the fully interactive website and user authentication. Now if I can just figure out Cake's ACL and how I personally want to go about it...there are a few different ways it's been implemented from the tutorials I've seen. For the less inclined, I'd suggest going with DarkAuth instead of Cake's own implementation (at this time).
0 Trackbacks