Friday, December 26, 2008

Re: Odd AuthComponent behavior

Never mind,

I should have looked at the API first.

I stripped some of the data I was passing to $this->Auth->login();

I changed it from $this->Auth->login($loginUser); to $this->Auth->login($loginUser['User']['id']);

It's now authenticating the correct user.

On Dec 26, 1:43 pm, Nick <nlof...@gmail.com> wrote:
> Has anyone else seen this, it appears to only happen when using the
> auth component with cookies.  If I have an e-mail that begins with a
> number, the auth component authenticates the wrong user.  It takes
> whatever the leading number is and logs in the user with the ID of
> that number, instead of the user with the correct e-mail address. Any
> other e-mail account login works fine, as long as it doesn't begin
> with a number.
>
> Here's what my code looks like:
>
> In my User Model I use this to check the login and find the correct
> user:
>
>         function checkLogin($email)
>          {
>             $user = $this->findByEmail($email);
>
>             if ($user)
>              {
>                 return $user;
>             }
>             return null;
>          }
>
> In my AppController:
>
>                 $this->Auth->loginAction    = array('controller' => 'users', 'action' => 'login');
>                 $this->Auth->logoutRedirect = '/';
>                 $this->Auth->loginError     = 'Either your Email or Password are incorrect. Please try again';
>                 $this->Auth->authError      = 'Please Log In before attempting to access this page.';
>                 $this->Auth->autoRedirect   = false;
>
>                 $cookie = $this->Cookie->read('User');
>
>                 if (is_array($cookie) && !$this->Auth->user())
>                 {
>                         $loginUser = $this->User->checkLogin($cookie['email']);
>                         if (isset($loginUser)){
>                                 $loginSuccess = $this->Auth->login($loginUser);
>                                 if (!$loginSuccess){
>                                         $this->Cookie->del('User');
>                                 }
>                         }
>                 }
>
> And in my UsersController:
>
>         function login() {
>                 if ($this->Auth->User()){
>
>                         if (!empty($this->data)){
>                                 if (!($this->data['User']['remember'])){
>                                         $this->Cookie->del('User');
>                                 } else {
>                                         $cookie = array();
>                                         $cookie['email'] = $this->data['User']['email'];
>                                         $this->Cookie->write('User',$cookie,true,'+2 weeks');
>
>                                 }
>                                 unset($this->data['User']['remember']);
>                         }
>                         $this->redirect($this->Auth->redirect());
>                 }
>         }
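The symptom in the quoted message (an e-mail with a leading digit logging in the user whose ID is that digit) matches what PHP does when a string is cast to an integer for a primary-key lookup. The following is an added example, not code from the thread or from CakePHP; the data is constructed, the function names are hypothetical, and it assumes (the thread does not confirm this) that such a cast is what resolves the wrong account.

```php
<?php
// Constructed sample data (user id => e-mail); not from the original thread.
$users = array(
    5  => 'alice@example.com',
    12 => '5nick@example.com',
);

// Hypothetical loose lookup: casts whatever it receives to an integer id.
// PHP keeps the leading digits of a string when casting, so the e-mail
// belonging to user 12 resolves to user 5.
function findUserLoose(array $users, $identifier)
{
    $id = (int) $identifier;
    return isset($users[$id]) ? $id : null;
}

// Hypothetical strict lookup: only a real integer or an all-digit string
// is accepted as a primary key; anything else is rejected outright.
function findUserStrict(array $users, $identifier)
{
    if (is_int($identifier)) {
        $id = $identifier;
    } elseif (is_string($identifier) && ctype_digit($identifier)) {
        $id = (int) $identifier;
    } else {
        return null;
    }
    return isset($users[$id]) ? $id : null;
}

// Post-login check: the account that ended up logged in must own the
// e-mail address that was read from the remember-me cookie.
function loginMatchesCookie(array $users, $loggedInId, $cookieEmail)
{
    return $loggedInId !== null
        && isset($users[$loggedInId])
        && $users[$loggedInId] === $cookieEmail;
}

$cookieEmail = '5nick@example.com';

$loose = findUserLoose($users, $cookieEmail);
var_dump($loose, loginMatchesCookie($users, $loose, $cookieEmail));

$strict = findUserStrict($users, $cookieEmail);
var_dump($strict, findUserStrict($users, '12'));
```

Comparing the logged-in account against the cookie's e-mail after every automatic login turns a silent wrong-user session into a detectable failure, whatever the underlying lookup does.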
