DarkAuth update, and test app.

26 June 2008 12:26

I found another small glitch in DarkAuth, which stemmed from the major bug after CakePHP 1.2 RC1 was released.

The Controller::render() method has changed, which was integral to DarkAuth's functionality. The change stopped anything from being displayed if Auth was not present or sufficient. To fix it I had to force an exit() into the code.

This exit() then meant that the Component was not setting the $_DarkAuth variable at all, if the "login" or "deny" view where being displayed.

The updated code fixes this, and has been updated on the DarkAuth page.

In addition I introduced a nice utility method, DarkAuthComponent::getUserId() which simply the returns the id of the currently auth'd user. Something I needed often.

Also I decided it would be good to have a "test application", a simple setup of a working DarkAuth + Cake combo. So I have built one, and you can use it to see how DarkAuth works, and to play around with it to your hearts content!

There's 2 versions: one is just the app/ folder, and the other contains the full CakePHP1.2 RC1 code as well:

DarkAuth.test.app.zip just app/ folder
~~DarkAuth.test.inc.cake.zip full example~~ Awaiting Update...

I put some useful code in there to help create the database config file and set up the required tables, so just extract and play!

Tags:

CakePHP, access control, DarkAuth, code, php

Comments (14):

Bill said at 00:28, 7th July 2008:

Hi Chris, the link DarkAuth.test.inc.cake.zip is off. Great component, thanks
theChrisWalker said at 17:36, 7th July 2008:

You're right, I mean to update it to the RC2 code anyway... I'll remove for now.
Theo said at 21:30, 9th July 2008:

Hi, is it not possible for you to add functions to save logins (user/groups) back to the HABTM ? for example a submitted form of username/password and checkboxes for groups? or is there just a easy way to do it in cakephp? thanks
Theo said at 21:44, 9th July 2008:

sorry i meant 'save logins (user/roles)' not 'save logins (user/groups)' and 'checkboxes for roles' not 'checkboxes for groups'
theChrisWalker said at 09:17, 10th July 2008:

"or is there just a easy way to do it in cakephp?" Bingo.
itsnotvalid said at 13:02, 11th July 2008:

Glad that the comment system is up now. I just leave a message here to hope to see a SVN/git repository or a single dark_auth.php download, instead of just hoping through the archive or copying from the website(where sensible person wouldn't do anyway). And this component is a great one and really save me a lot of time. Thank you!!
Theo said at 12:59, 12th July 2008:

had the wrong case on my models names in my form :/ thats why it wasnt working for me thanks anyways
blablacio said at 15:15, 15th July 2008:

Hello Chris, I'm developing an application which apparently needs user authentication and I chose your component to help out with this. Everything runs just fine now, but I was wondering if there is a way to do this: <?php class UsersController extends AppController { var $name = 'Users'; var $scaffold; var $_DarkAuth = array('required'=>'Administrators'); function register(){ } function add(){ } } ?> I want to let only users of the group Administrators to do anything within the UsersController, but let regular guests access the register() function only. Any ideas? Thank you for your time and exceptional component!
itsnotvalid said at 12:08, 20th July 2008:

Also I discovered a bug that, when you are having a login form for a action that also reads from $this->data, e.g. scaffold views (e.g. add), you would also submit empty dataset to those actions. In scaffold add, for example, you would create an empty record. How to fix this?
theChrisWalker said at 20:48, 20th July 2008:

@ blablacio: I emailed you about this, basically, there is no way "allow" specific actions as yet, but sounds like a good addition for the future.
theChrisWalker said at 20:54, 20th July 2008:

@itsnotvalid: after successful login, you are redirected using a GET request for the URL, all POST data will be lost - which means the Add scaffold should render a form, not insert a row. Still it will be easy enough to check for valid data before save()'ing the model. The loss of POST is not something easily avoided, so I hope you didn't plan to be able to propagate that.
Lukas said at 16:11, 29th July 2008:

Hello Chris, I have downloaded your script and I have protected a controller. The login-form appears, but if I submit my username and password, then I get the following error: Fatal error: Cannot use object of type PostsController as array in (...)app\controllers\components\dark_auth.php on line 341 Do you have any advice? thanks, Lukas.
Lukas said at 16:22, 29th July 2008:

dark_auth.php 341: $this->controller{$this->user_model_name}->belongsTo[$this->group_model_name]['foreignKey']; fix: $this->controller->{$this->user_model_name}->belongsTo[$this->group_model_name]['foreignKey']; Lukas.
Darren said at 08:39, 5th August 2008:

Great component Chris thanks, just wondering if it was possible to use the component in the cake error pages (404, missing action etc). I've not managed to do it yet. Cheers!

Sorry, comments are closed.