Sunday, August 26, 2012

Re: Jquery mobile+Phonegap mobile app and authentication

Arash,

I seem to have the same problem, would you mind posting your solution with your sample code and all?



On Saturday, June 23, 2012 8:45:50 AM UTC-4, Arash wrote:
Thanks Tarique, it looks to be the correct way, but I didn't have any success using it!

Here is what i did:

1. used HTTP Basic Authentication

class AppController extends Controller {
    public $components = array(
        'Session',
        'RequestHandler',
        'Auth' => array(
            'authenticate' => array(
                'Basic' => array(
                    'fields' => array('username' => 'email'),
                    'realm' => 'touch'
                ),
            ),
        )
    );
}


2. created a login method which lets cross domain requests and cross domain authorization

class UsersController extends AppController {
    public function login() {
        // CORS: accept requests from any origin and allow the Authorization header
        header("Access-Control-Allow-Origin: *");
        header("Access-Control-Allow-Headers: Authorization");
        // Report whether the Basic credentials were accepted
        $response = false;
        if ($this->Auth->login()) {
            $response = true;
        }
        $this->set('response', $response);
    }
}

3. I've added this line to the router file so that I can use json
Router::parseExtensions('json');

4. on the client side, I make the login request using ajax like this:

$.ajax({
    url: url,
    dataType: "json",
    crossDomain: true,
    beforeSend: function (xhr) {
        xhr.setRequestHeader("Authorization", "Basic " + Base64.encode(email + ":" + password));
    },
    success: function (response) {
        console.log(response);
    },
    error: function (xhr, ajaxOptions, thrownError) {
        console.log(xhr);
    }
});

The problem is that after I log in successfully, the next ajax requests get 401 (Unauthorized). I've tried to debug the problem, and it seems that once the client logs in, the next ajax requests get 401 because the get user method in the BasicAuthenticate class can't get the user via env('PHP_AUTH_USER') and env('PHP_AUTH_PW').

Any idea why, after a successful ajax login, the next ajax requests get a 401 (Unauthorized) response? Why can't the authentication system get the user by env('PHP_AUTH_USER')?



On Friday, June 22, 2012 1:05:27 PM UTC+4:30, Dr. Tarique Sani wrote:
See http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#creating-stateless-authentication-systems

Tarique

On Tue, Jun 19, 2012 at 3:35 AM, Arash wrote:
> Hi,
> We are working on a mobile app for our SAAS website which uses Cake 1.3,
> we've decided to use Jquery mobile+ Phonegap so we will use the HTML5 power
> for building a mobile app.
>
> The whole app is an HTML page with a few js and css files which will be
> running natively on the mobile and will interact with server with Ajax.
>
> The problem we encountered here is that using the cakephp Auth the session
> id is not being saved on the browser (because the page is not being served
> from a webserver, I think) so we don't have access to the session and we
> can't know for sure if the user is authenticated or not.
>
> I've seen some mobile authentication systems that provide a Token after
> login, save it in browser local storage and send this token with each ajax
> request to the server, the server checks the token and if it is valid then
> serves the data.
>
> Is there any reasonable way of authenticating users on a mobile app using
> the Auth component?!



--
=============================================================
PHP for E-Biz: http://sanisoft.com
=============================================================
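
Added example, not part of the original thread and not code from CakePHP or jQuery: HTTP Basic authentication is checked from the Authorization header of each request, so a client has to attach that header to every ajax call rather than only to the login call. The sketch below builds the header once per call and refuses to send it anywhere except an HTTPS URL on the API origin; API_ORIGIN, the URL paths and the credentials are hypothetical placeholders.

```javascript
// Added example. API_ORIGIN and the paths in the usage comment are placeholders.
const API_ORIGIN = "https://api.example.test";

// Base64 over UTF-8 bytes, so non-ASCII passwords encode the same everywhere.
function toBase64Utf8(text) {
  const bytes = new TextEncoder().encode(text);
  let binary = "";
  for (const b of bytes) binary += String.fromCharCode(b);
  return typeof btoa === "function"
    ? btoa(binary)
    : Buffer.from(bytes).toString("base64"); // fallback for older Node.js
}

function basicAuthHeader(email, password) {
  // The first ':' separates user id from password, so the id cannot contain one.
  if (email.includes(":")) throw new Error("user id must not contain ':'");
  return "Basic " + toBase64Utf8(email + ":" + password);
}

// Returns a copy of jQuery-style ajax options with the Authorization header
// set. Use it for every request, since Basic credentials travel per request.
function withBasicAuth(options, creds) {
  const target = new URL(options.url, API_ORIGIN);
  // Basic credentials are only base64-encoded, so never send them in clear
  // text or to an origin other than the API.
  if (target.protocol !== "https:") {
    throw new Error("refusing to send credentials over " + target.protocol);
  }
  if (target.origin !== API_ORIGIN) {
    throw new Error("refusing to send credentials to " + target.origin);
  }
  const headers = Object.assign({}, options.headers, {
    Authorization: basicAuthHeader(creds.email, creds.password),
  });
  return Object.assign({}, options, { url: target.href, headers: headers });
}

// Browser usage with jQuery (hypothetical paths, not executed here):
//   $.ajax(withBasicAuth({ url: "/users/login.json", dataType: "json" }, creds));
//   $.ajax(withBasicAuth({ url: "/posts.json", dataType: "json" }, creds));
```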
