component is utter garbage, sorry.
When I looked at it, I saw that all it was, really, was a wrapper to
the Ticket model.
I moved all code into the model yesterday and I have the same
functionality without a component.
The reason why components are not supposed to use models became
clearer than ever. A component should not be a "mini-controller" with
its own model. Anything such a component can do, a model can do just
as well. Components should be used to extend a controllers ability to
do "controlling stuff", like RequestHandler or Auth. A could be used
for things like email but I am not 100% happy with that since an email
both has a "view" (a design or at least on output of content) and
deals with data and a kind-of data source (smtp and pop/imap).
My Ticket model (The Component formerly known as Tickets) only deals
with the creation, storage and purging of tickets. What they are used
for depends on the situation. UsersController can use a ticket to
check that a request comes from an email sent to a specific user and
allow a password form to be displayed. UploadController can use
tickets to check that requests made from a java applet are made from
the embedded applet (sort of like how Security component adds a hash
to a form) and not by someone else. Not perfect security, but safer
than nothing at all.
Users who are logged in already, get a normal form to change their
password. The Ticket is only used to "authenticate" a request from a
user who has forgotten their password.
I will update or replace the bakery article when I get the chance.
/Martin
On Oct 25, 6:11 pm, Smelly_Eddie <OlliT...@gmail.com> wrote:
> Thanks Martin.
> Looks like the same concept, I noticed some things that made me
> curios.
>
> In implementation did you include the functionality within a users
> component or a separate one dedicated to tickets? Do you have a
> different method to let logged in users change their credentials?
>
> I am going to work on pulling more functionality out into the actual
> component, and the same for the botcheck, which I have already begun.
> I have such a poor patience to draw things before I get coding, and
> mostly end up refactoring afterwards.
>
> Regards,
>
> EW
>
> On Oct 24, 5:40 pm, "martin.westin...@gmail.com"
>
> <martin.westin...@gmail.com> wrote:
> > You got some nice functionality there. I think it could be reorganised
> > a bit. At least from how I see a ticket system. I went with a slightly
> > different approach a few years ago when I needed similar
> > functionality. It is the same basic functionality but the code has a
> > different organisation from your code.http://bakery.cakephp.org/articles/view/ticket-component-resetting-us...
>
> > -The component deals only with ticket management and is the only place
> > where tickets are created and managed.
> > -Generally components should not have their own models I hear but in
> > this situation it is totally valid, I think.
> > -The controller uses the component to create and check and use
> > tickets, for password resets in this case.
> > -Another controller uses the same ticket component to keep sessions
> > alive and "pseudo authenticate" requests from embedded plugins.
>
> > I still use it and like it. Maybe you see some detail or two you like.
> > /Martin
>
> > On Oct 24, 10:51 pm, Smelly_Eddie <OlliT...@gmail.com> wrote:
>
> > > Allowing users the ability to change passwords is a no brainer.
>
> > > But what do you do if a user losses their password? Several months
> > > ago I wrote a very simple component that works in conjunction with my
> > > user model to issue tickets to user emails.
>
> > > The ticket can be retrieved via email and allows users to enter a new
> > > password.
>
> > > The tickets are valid for 24 hours, carry a unique code that aligns to
> > > that users email. It is the bet way I could think to solve this
> > > issue.
>
> > > If you want to check it out and share advice, please do.
>
> > >http://edwardawebb.com/programming/php-programming/cakephp/reset-lost...
--~--~---------~--~----~------------~-------~--~----~
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com
For more options, visit this group at http://groups.google.com/group/cake-php?hl=en
-~----------~----~----~----~------~----~------~--~---
No comments:
Post a Comment