Friday, October 19, 2012

Re: Routing Issue

Since I'm no expert in Auth component, let me just sing you the song of my code. 

file: routes.php
Router::connect('/users/login', array('controller'=>'users', 'action'=>'login', 'prefix'=>'admin', 'admin'=>true));

file: AppController.php
public $components = array(
        'Auth' => array('authorize' => 'Controller', 
            // this forces admin_login to be the only login method regardless of prefix
            'loginAction' => array( 
                'controller' => 'users', 
                'action' => 'login', 
                'prefix'=>'admin', 
                'admin' => true))
    );
  public function beforeFilter(){
        if (isset($this->params['prefix']) 
             && in_array($this->params['prefix'], array('admin', 'editor'))) {
            //not relevant to question, but useful:
            Configure::write('Session.timeout', 60 * 4); 
            $this->layout = 'admin';
            
            $this->Auth->deny();
        } 
        else {
        Configure::write('Session.timeout', 60 * 48); //
        $this->layout = 'default';
                
        $this->Auth->allow('*');
        }
    }
    
    public function isAuthorized($user = null) {
        
        // Any registered user can access public functions
        if (empty($this->request->params['admin']) 
              && empty($this->request->params['editor'])) {
            return true;
        }
        // Only admins can access admin functions
        if (isset($this->request->params['admin'])) {
            return (bool)($user['role'] === 'admin');
        }
        // Only editors can access editor functions
        if (isset($this->request->params['editor'])) {
            return (bool)($user['role'] === 'editor');
        }

        // Default deny
        return false;
    }

This works for me (but test it anyways). I'm using 'admin' and 'editor', but login is always done through UserController::admin_login() method, regardless of prefix.
The login route is always /users/login, without the prefix.

Is this what you were searching for?

--
Like Us on FaceBook https://www.facebook.com/CakePHP
Find us on Twitter http://twitter.com/CakePHP
 
---
You received this message because you are subscribed to the Google Groups "CakePHP" group.
To post to this group, send email to cake-php@googlegroups.com.
To unsubscribe from this group, send email to cake-php+unsubscribe@googlegroups.com.
Visit this group at http://groups.google.com/group/cake-php?hl=en.
 
 
Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)