Originally, my understanding of how Auth redirect was supposed to work
was the following:
- If the user is not logged in, and requests a page for which they
need authorization, they are presented with the login screen. After a
successful login, the user is redirected to the page they originally
requested. Auth->loginRedirect is ignored.
- If the user is not logged in, accesses the login page directly, and
successfully logs in, then the user is redirected to the URL stored in
Auth->loginRedirect.
After playing with it for a bit, the actual behavior seems to be
closer to:
- If the user is not logged in, and requests a page for which they
need authorization, they are presented with the login screen. After a
successful login, the user is redirected to the page they originally
requested. Auth->loginRedirect is ignored.
- If the user is not logged in, and clicks a link from ANY other page
to /users/login, then after login they are redirected to that page.
Auth->loginRedirect is ignored.
(note 1: in my mind, this counts as "accessing the login page
directly", since the user was not forced there by a redirect).
(note 2: this isn't 100% accurate. The Auth.redirect session
variable seems to store the FIRST referral to /users/login from
another page, and always seems to use that even if the user navigates
away before logging in and returns to /users/login from a different
link. Is this a bug?).
- If the user is not logged in, accesses the login page directly
(which now seems to mean only that they typed the login URL into their
browser?), and successfully logs in, then the user is redirected to
the URL stored in Auth->loginRedirect.
The workaround I used to get the behavior I was expecting was to add:
$this->Auth->autoRedirect = false;
to the controller's beforeFilter, and
if (!empty($this->data)) {
if ($this->Auth->login()) {
$this->redirect($this->Auth->loginRedirect);
}
}
to the login() method in UsersController.
Hopefully this will help others who are confused, and I appreciate any
feedback if my understanding of the situation is still inaccurate, or
if there is a better way to do what I need.
Thanks for reading,
Alex
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
No comments:
Post a Comment