DarkAuth. v1.3 - the setup

$raquo; Page: 1 - the intro, 2 - the component, 3 - the setup

Update: I have ammended the component code, as it was not working with the RC of 1.2 only a small fix but necessary. Thanks to those of you who pointed the bug out to me!

The following steps should guide you through the setup process and the files you need to alter.

Of course, you will need to have the models for your User table (and groups if applicable). I will assume you have these models setup with Cake conventions with the following schema (using HABTM association):

  1. CREATE TABLE `users` (
  2. `id` INT(11) NOT NULL AUTO_INCREMENT,
  3. `created` DATETIME DEFAULT NULL,
  4. `modified` DATETIME DEFAULT NULL,
  5. `live` TINYINT(1) NOT NULL DEFAULT 0,
  6. `username` VARCHAR(16) NOT NULL DEFAULT '',
  7. `pswd` VARCHAR(32) NOT NULL DEFAULT '',
  8. PRIMARY KEY (`id`)
  9. );
  10.  
  11. CREATE TABLE `groups` (
  12. `id` INT(11) NOT NULL AUTO_INCREMENT,
  13. `created` DATETIME DEFAULT NULL,
  14. `modified` DATETIME DEFAULT NULL,
  15. `live` TINYINT(1) NOT NULL DEFAULT 0,
  16. `name` VARCHAR(32) NOT NULL DEFAULT '',
  17. PRIMARY KEY (`id`)
  18. );
  19.  
  20. CREATE TABLE `groups_users` (
  21. `group_id` INT(11) NOT NULL,
  22. `user_id` INT(11) NOT NULL,
  23. KEY `group_id` (`group_id`,`user_id`)
  24. );

If you don't use the HABTM association, then remember to set var HABTM = false; later. This will then assume that the user $belongsTo a group (and therefore you'd need a "group_id" field in your "users" table).

Look at the Cake Manual for how to setup the Models for these tables.

Step 1: AppController

If you have created an AppController in your own controllers directory, nows the time, create a file called app_controller.php and populate it as follows. If you have got one, it should be easy enough to see what you'll need to add to yours.

Controller Class:

  1. <?php
  2. class AppController extends Controller {
  3.   var $uses = array('User');
  4.   var $components = array('DarkAuth');
  5.  
  6.   function _login(){
  7.     if(is_array($this->data) && array_key_exists('DarkAuth',$this->data) ){
  8.       $this->DarkAuth->authenticate_from_post($this->data['DarkAuth']);
  9.      $this->data['DarkAuth']['password'] = '';
  10.     }
  11.   }
  12.  
  13.   function logout(){
  14.     $this->DarkAuth->logout();
  15.   }
  16. }
  17. ?>

Step 2: Login and Deny Views

You can create these however you want, however I discovered something very useful (I don't know if it's secret or just not documented...) in that you can render Views using Controller::render() using absolute paths, so Controller::render('/login') would render a view in the root of your Views Folder. Using this to our advantage we can allow an arbitrary controller access to a view via the same render path. So I create a login View at /app/views/login.ctp, again it's up to you but it must post the following data:

[DarkAuth][username],
[DarkAuth][password]

and optionally if you have set the "$allow_cookie" variable:

[DarkAuth][remember_me],
[DarkAuth][cookie_expires]

Here's a simple one which will do the trick:

View Template:

  1. <?php
  2.   $this->pageTitle = 'Access Restricted';
  3.   echo $form->create('DarkAuth',array('url'=>substr($this->here,strlen($this->base))));
  4.   echo $form->input('DarkAuth.username');
  5.   echo $form->password('DarkAuth.password');
  6.                
  7. /* Uncomment for cookies...
  8.   echo $form->input('DarkAuth.remember_me',array(
  9.           'label'=>'Remember Me? (uses cookies)',
  10.           'type'=>'checkbox'
  11.           ));
  12.   echo $form->input('DarkAuth.cookie_expiry',array(
  13.           'options'=>array(
  14.                        'now'=>'end of session',
  15.                        '+1 week'=>'in a week',
  16.                        '+1 Months'=>'in a month',
  17.                        '+6 Months'=>'in 6 months',
  18.                      ),
  19.           'label'=>'If so, for how long?'
  20.           ));
  21. */
  22.   echo $form->end('login');
  23. ?>

And a page for /app/views/deny.ctp:

View Template:

  1. <?php
  2.   $this->pageTitle = 'Access Denied!';
  3. ?>
  4.   <p>I'm sorry, but you don't have sufficient permission to access this page!</p>

Step 4: Edit the Component's Variables and Hasher

There are a number of variables which need to be configured to match your user and group models, the fields they use for username and password and the association type.

There are others for successful logout, login failure messages, default redirections and more. Please look over them to get the component to work how you want it.

The final thing to configure is the DarkAuth::hasher() function (which can be used anywhere to hash passwords in the same way that they are hashed in the database. Make sure your either use the same hashing function or amend this one how you want.

Step 5: The Logout Route

This is optional, as we put the logout() function in AppController so accessible from any controller. However, I find it more aesthetically pleasing to have a route for logout at /logout. Add this to your app/config/routes.php:

  1. Router::connect('/logout',array('controller'=>'users','action'=>'logout'));

NB any controller would do, but you're pretty sure to have a UsersController.

Step 6: Enjoy!

That's it. Hopefully you haven't had too many issues, and your App is now secure and happy.

» Page: 1 - the intro, 2 - the component, 3 - the setup