Plugin containing some authenticate classes for AuthComponent.
Current classes:
- MultiColumnAuthenticate, allow login with multiple db columns in single username field For example username or email
- CookieAuthenticate, login with a cookie
- TokenAuthenticate, login with a token as url parameter or header
GoogleAuthenticate is moved to separate repo: https://github.com/ceeram/GoogleAuthenticate
- PHP 5.3
- CakePHP 2.x
[Composer]
run: composer require friendsofcake/authenticate
or add friendsofcake/authenticate
to require
in your applications composer.json
[Manual]
- Download this: http://github.com/FriendsOfCake/Authenticate/zipball/master
- Unzip that download.
- Copy the resulting folder to app/Plugin
- Rename the folder you just copied to Authenticate
[GIT Submodule]
In your app directory type:
git submodule add git://github.com/FriendsOfCake/Authenticate.git Plugin/Authenticate
git submodule init
git submodule update
[GIT Clone]
In your plugin directory type
git clone git://github.com/FriendsOfCake/Authenticate.git Authenticate
In app/Config/bootstrap.php
add: CakePlugin::load('Authenticate')
;
Setup the authentication class settings
//in $components
public $components = array(
'Auth' => array(
'authenticate' => array(
'Authenticate.MultiColumn' => array(
'fields' => array(
'username' => 'login',
'password' => 'password'
),
'columns' => array('username', 'email'),
'userModel' => 'User',
'scope' => array('User.active' => 1)
)
)
)
);
//Or in beforeFilter()
$this->Auth->authenticate = array(
'Authenticate.MultiColumn' => array(
'fields' => array(
'username' => 'login',
'password' => 'password'
),
'columns' => array('username', 'email'),
'userModel' => 'User',
'scope' => array('User.active' => 1)
)
);
//in $components
public $components = array(
'Auth' => array(
'authenticate' => array(
'Authenticate.Cookie' => array(
'fields' => array(
'username' => 'login',
'password' => 'password'
),
'userModel' => 'SomePlugin.User',
'scope' => array('User.active' => 1)
)
)
)
);
//Or in beforeFilter()
$this->Auth->authenticate = array(
'Authenticate.Cookie' => array(
'fields' => array(
'username' => 'login',
'password' => 'password'
),
'userModel' => 'SomePlugin.User',
'scope' => array('User.active' => 1)
)
);
It will first try to read the cookie, if that fails will try with form data:
//in $components
public $components = array(
'Auth' => array(
'authenticate' => array(
'Authenticate.Cookie' => array(
'fields' => array(
'username' => 'login',
'password' => 'password'
),
'userModel' => 'SomePlugin.User',
'scope' => array('User.active' => 1)
),
'Authenticate.MultiColumn' => array(
'fields' => array(
'username' => 'login',
'password' => 'password'
),
'columns' => array('username', 'email'),
'userModel' => 'User',
'scope' => array('User.active' => 1)
)
)
)
);
For enhanced security, make sure you add this code to your AppController::beforeFilter()
if you intend to use Cookie
authentication:
public function beforeFilter() {
$this->Cookie->type('rijndael'); //Enable AES symetric encryption of cookie
}
Example for setting the cookie:
<?php
App::uses('AppController', 'Controller');
/**
* Users Controller
*
* @property User $User
*/
class UsersController extends AppController {
public $components = array('Cookie');
public function beforeFilter() {
$this->Cookie->type('rijndael');
}
public function login() {
if ($this->Auth->loggedIn() || $this->Auth->login()) {
$this->_setCookie($this->Auth->user('id'));
$this->redirect($this->Auth->redirect());
}
}
protected function _setCookie($id) {
if (!$this->request->data('User.remember_me')) {
return false;
}
$data = array(
'username' => $this->request->data('User.username'),
'password' => $this->request->data('User.password')
);
$this->Cookie->write('User', $data, true, '+1 week');
return true;
}
public function logout() {
$this->Auth->logout();
$this->Cookie->delete('User');
$this->Session->setFlash('Logged out');
$this->redirect($this->Auth->redirect('/'));
}
}
//in $components
public $components = array(
'Auth' => array(
'authenticate' = array(
'Authenticate.Token' => array(
'parameter' => '_token',
'header' => 'X-MyApiTokenHeader',
'userModel' => 'User',
'scope' => array('User.active' => 1),
'fields' => array(
'username' => 'username',
'password' => 'password',
'token' => 'public_key',
),
'continue' => true
)
)
)
);
//Or in beforeFilter()
$this->Auth->authenticate = array(
'Authenticate.Token' => array(
'parameter' => '_token',
'header' => 'X-MyApiTokenHeader',
'userModel' => 'User',
'scope' => array('User.active' => 1),
'fields' => array(
'username' => 'username',
'password' => 'password',
'token' => 'public_key',
),
'continue' => true
)
);