Add to config/core.php:
<?php
// Register "admin" as a routing prefix. With prefix routing enabled, URLs
// under /admin/ are dispatched to controller actions named admin_* (for
// example admin_index), which is what the access check in AppController
// keys on.
Configure::write('Routing.prefixes', array('admin'));
Add routes for login, logout and the backend entry point to config/routes.php; replace 'whatever' with the controller the backend should start in:
<?php
// Public URL of the login form; served by UsersController::login().
Router::connect(
    '/login',
    array('controller' => 'users', 'action' => 'login')
);

// Public URL that ends the session; served by UsersController::logout().
Router::connect(
    '/logout',
    array('controller' => 'users', 'action' => 'logout')
);

// Backend entry point. 'admin' => true selects the admin-prefixed action of
// the chosen controller, so the request carries the "admin" prefix that the
// authentication check in AppController::beforeFilter() looks for.
Router::connect(
    '/admin',
    array(
        'controller' => 'whatever',
        'action' => 'index',
        'admin' => true,
    )
);
Add Controller/UsersController.php:
<?php
/**
 * Signs users in to and out of the backend.
 *
 * Uses the Auth and Session components through $this->Auth and
 * $this->Session; this class does not declare them itself, so they have to be
 * configured on a parent controller.
 */
class UsersController extends AppController
{
    /**
     * Render the login form and, on POST, try to authenticate the user.
     *
     * On success a flash message is set and the user is redirected to the URL
     * supplied by the Auth component; on failure the form is shown again with
     * an error message.
     *
     * @return void
     */
    public function login()
    {
        // Anything other than a POST just displays the form.
        if (!$this->request->isPost()) {
            return;
        }

        if (!$this->Auth->login()) {
            // One message for both "unknown user" and "wrong password", so
            // the response does not reveal which usernames exist.
            // NOTE(review): failed attempts are neither counted nor throttled
            // here; add rate limiting or a lockout if this form is reachable
            // from the Internet.
            $this->Session->setFlash(__('Wrong username or password!'));
            return;
        }

        $this->Session->setFlash(__('Login successful'));
        // NOTE(review): later 2.x releases name this method redirectUrl();
        // confirm against the installed CakePHP version.
        $this->redirect($this->Auth->redirect());
    }

    /**
     * End the current login and redirect to the URL returned by Auth->logout().
     *
     * NOTE(review): this action accepts any HTTP method, so a cross-site link
     * can sign a user out; restrict it to POST if that matters for the site.
     *
     * @return void
     */
    public function logout()
    {
        // The flash message is stored before the login is cleared, as in the
        // original statement order.
        $this->Session->setFlash(__('Logout successful'));
        $afterLogout = $this->Auth->logout();
        $this->redirect($afterLogout);
    }
}
Add View/Users/login.ctp:
<?php /* Messages stored under the 'auth' flash key, e.g. the Auth component's authError text. */ echo $this->Session->flash('auth'); ?>
<h2><?php echo __('Backend'); ?></h2>
<p><?php echo __('Please enter your username and password.'); ?></p>
<?php /* Opens the form for the User model. NOTE(review): no SecurityComponent is configured on this page, so the form carries no CSRF token - confirm whether that is acceptable. */ echo $this->Form->create('User'); ?>
<?php /* Default flash key: the messages set with setFlash() in UsersController. */ echo $this->Session->flash(); ?>
<?php echo $this->Form->input('username'); ?>
<?php /* Presumably rendered as a masked password input because of the field name - verify in the generated HTML. */ echo $this->Form->input('password'); ?>
<?php /* Closes the form and adds the submit button. */ echo $this->Form->end(__('Login')); ?>
Add a new table to the database:
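-- Accounts that are allowed to sign in to the backend.
CREATE TABLE `users` (
  `id` int(11) unsigned NOT NULL AUTO_INCREMENT,
  -- Login name; the unique key below stops two accounts from sharing one
  -- name, which would make the login lookup ambiguous.
  `username` varchar(100) NOT NULL DEFAULT '',
  -- Holds the password hash produced by the application, never the
  -- plain-text password.
  `password` varchar(200) NOT NULL DEFAULT '',
  `created` datetime NOT NULL,
  PRIMARY KEY (`id`),
  UNIQUE KEY `username` (`username`)
);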
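To generate a password hash, temporarily paste this code into the login view (replace PASSWORT with the real password, and remove the snippet again once the hash has been copied):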
<?php
// One-off helper that prints the hash to store in users.password.
// Remove it from the login view as soon as the hash has been copied: the
// login page is public, and the plain-text password should not stay in a
// template or end up in version control.
App::uses('AuthComponent', 'Controller/Component');
// 'PASSWORT' is presumably a placeholder for the real password.
// NOTE(review): AuthComponent::password() hashes through Security::hash()
// with the application's Security.salt (SHA-1 unless the hash type has been
// changed). Fast hashes offer little resistance to offline guessing; if the
// installed CakePHP version provides a bcrypt password hasher, prefer it and
// generate the stored hash with that same hasher.
echo AuthComponent::password('PASSWORT');
Add a user to the new table, storing the generated hash (not the plain-text password) in the password column.
Add the Auth-Component to Controller/AppController.php:
<?php
// Components loaded for every controller that extends AppController.
// No 'authenticate' or 'authorize' key is set, so the Auth component runs with
// its defaults: it only checks that a user is logged in, not what that user
// may do. The hashing scheme used at login must match the one used when the
// stored password hash was generated.
public $components = array(
    'Session',
    'Auth' => array(
        // Destination after a successful login: the backend start page.
        'loginRedirect' => array(
            'controller' => 'whatever',
            'action' => 'index',
            'admin' => true,
        ),
        // Destination after logout: the non-admin index action.
        'logoutRedirect' => array(
            'controller' => 'whatever',
            'action' => 'index',
            'admin' => false,
        ),
        // Where unauthenticated requests are sent; 'admin' => false keeps the
        // login action itself outside the protected prefix.
        'loginAction' => array(
            'controller' => 'users',
            'action' => 'login',
            'admin' => false,
        ),
        // Message shown when a protected action is requested without login.
        'authError' => 'Login to see this area.',
    ),
);
Make sure that all admin actions require authentication by adding this to Controller/AppController.php:
<?php
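/**
 * Require a login for every admin-prefixed action and leave all other
 * actions public.
 *
 * Notes for maintainers:
 * - A controller that overrides beforeFilter() has to call
 *   parent::beforeFilter(), otherwise this check does not run for it.
 * - This is authentication only. As configured on this page, every account
 *   in the users table can reach every admin action; add an authorization
 *   check if accounts should differ in what they may do.
 * - The else branch opens up every non-prefixed action, including ones added
 *   later, so anything sensitive must live under the admin prefix.
 *
 * @return void
 */
public function beforeFilter()
{
    // Strict comparison: an access-control decision should not depend on
    // PHP's loose type juggling.
    $isAdminRequest = !empty($this->params['prefix'])
        && $this->params['prefix'] === 'admin';

    if ($isAdminRequest) {
        // deny() without arguments marks all actions as requiring a login.
        $this->Auth->deny();
        $this->layout = 'admin';
    } else {
        // allow() without arguments makes all actions publicly accessible.
        $this->Auth->allow();
    }
}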