Wednesday, October 31, 2012

CakePHP 2 with normal Form Authentication + Basic for API access

I simply can't wrap my head around how this is supposed to work.
I'm trying to create two separate logins. One for admin which is a normal 'Form' authentication with all rights to alter/delete data, and one 'Basic' authentication for model 'Account' which will have some allowed methods. No matter what I do, I allways get a 302 response with redirect to /users/admin/login, and never a Basic Authentication dialog. 

Is it really not possible to do this with the Auth Component?

Response from curl (tried a random url which should require authentication):

$curl -H "Accept:Application/json" http://localhost:8888/myproject/admin/users/index.json -v 

< HTTP/1.1 302 Found
< Date: Wed, 31 Oct 2012 12:38:55 GMT
< Server: Apache
< X-Powered-By: PHP/5.3.6
< Set-Cookie: CAKEPHP=a621801575312e3b56d2c670d314547d; expires=Wed, 31-Oct-2012 16:38:55 GMT; path=/; HttpOnly
< Location: http://localhost:8888/myproject/admin/users/login
< Content-Length: 0
< Content-Type: application/json
* Connection #0 to host localhost left intact
* Closing connection #0



My AppController so far:

<?php

App::uses('Controller', 'Controller');

class AppController extends Controller
{

    public $components = array(
        'Session',
        'RequestHandler',
        'Auth',
    );

    public function beforeFilter()
    {
        parent::beforeFilter();

        if ($this->params['ext'] == 'json') {
            $this->Auth->authenticate = array(
                'Basic' => array(
                    'userModel' => 'Account',
                    'fields' => array('username' => 'facebook_id', 'password' => 'facebook_token'),
                ),
            );
        } else {
            $this->Auth->authenticate = array('Form');
        }
    }

    public function isAuthorized($user)
    {
        return true;
    }

}

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
 
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com.
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
 
 

No comments: