Created
March 7, 2012 19:47
-
-
Save ceeram/1995543 to your computer and use it in GitHub Desktop.
CakePHP Authentication and Authorization
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| No AuthComponent => everything is public | |
| With AuthComponent => everything denied by default (except login action) | |
| - open up certain action for public with: Auth->allow('action'); | |
| - open up all actions: Auth->allow(); | |
| - open up all non-admin actions, see Example (beforeFilter) | |
| AuthComponent setup with Authorize object => restrict actions for authenticated users | |
| - for instance with ControllerAuthorize, you define isAuthorized() function in your (App)Controller and | |
| have it return true/false based on some conditions, See Example (isAuthorized) | |
| - If you have Auth->allow('action'), authorization wont be checked as it is a public action | |
| Example: | |
| in AppController.php | |
| public function beforeFilter() { | |
| if (empty($this->request->params['prefix']) || $this->request->params['prefix'] != 'admin') { | |
| $this->Auth->allow(); | |
| } | |
| } | |
| public function isAuthorized($user) { | |
| if ($user['role'] == 'admin') { | |
| return true; | |
| } | |
| if (empty($this->request->params['prefix']) || $user['role'] == $this->request->params['prefix']) { | |
| return true; | |
| } | |
| if (!empty($this->request->params['prefix']) && in_array($this->action, array('index', 'view'))) { | |
| return true; | |
| } | |
| return false; | |
| } |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment