This is forked for CakePHP2.
Plugin containing some authenticate classes for AuthComponent.
Current classes:
- MultiColumnAuthenticate, allow login with multiple db columns in single username field For example username or email
- CookieAuthenticate, login with a cookie
- TokenAuthenticate, login with a token as url parameter or header
GoogleAuthenticate is moved to separate repo: https://github.com/ceeram/GoogleAuthenticate
- PHP 8.0+
- CakePHP 2.10+
run: composer require pieceofcake2/authenticate
In app/Config/bootstrap.php add: CakePlugin::load('Authenticate');
Setup the authentication class settings
//in $components
public $components = [
'Auth' => [
'authenticate' => [
'Authenticate.MultiColumn' => [
'fields' => [
'username' => 'login',
'password' => 'password'
],
'columns' => ['username', 'email'],
'userModel' => 'User',
'scope' => ['User.active' => 1],
]
]
]
];
//Or in beforeFilter()
$this->Auth->authenticate = [
'Authenticate.MultiColumn' => [
'fields' => [
'username' => 'login',
'password' => 'password'
],
'columns' => ['username', 'email'],
'userModel' => 'User',
'scope' => ['User.active' => 1],
]
]; //in $components
public $components = [
'Auth' => [
'authenticate' => [
'Authenticate.Cookie' => [
'fields' => [
'username' => 'login',
'password' => 'password'
],
'userModel' => 'SomePlugin.User',
'scope' => ['User.active' => 1],
]
]
]
];
//Or in beforeFilter()
$this->Auth->authenticate = [
'Authenticate.Cookie' => [
'fields' => [
'username' => 'login',
'password' => 'password'
],
'userModel' => 'SomePlugin.User',
'scope' => ['User.active' => 1],
]
];It will first try to read the cookie, if that fails will try with form data:
//in $components
public $components = [
'Auth' => [
'authenticate' => [
'Authenticate.Cookie' => [
'fields' => [
'username' => 'login',
'password' => 'password'
],
'userModel' => 'SomePlugin.User',
'scope' => ['User.active' => 1],
],
'Authenticate.MultiColumn' => [
'fields' => [
'username' => 'login',
'password' => 'password'
],
'columns' => ['username', 'email'],
'userModel' => 'User',
'scope' => ['User.active' => 1],
]
]
]
];For enhanced security, make sure you add this code to your AppController::beforeFilter() if you intend to use Cookie
authentication:
public function beforeFilter() {
$this->Cookie->type('rijndael'); //Enable AES symetric encryption of cookie
}Example for setting the cookie:
<?php
App::uses('AppController', 'Controller');
/**
* Users Controller
*
* @property User $User
*/
class UsersController extends AppController
{
public $components = ['Cookie'];
public function beforeFilter() {
$this->Cookie->type('rijndael');
}
public function login() {
if ($this->Auth->loggedIn() || $this->Auth->login()) {
$this->_setCookie();
$this->redirect($this->Auth->redirect());
}
}
protected function _setCookie() {
if (!$this->request->data('User.remember_me')) {
return false;
}
$data = [
'username' => $this->request->data('User.username'),
'password' => $this->request->data('User.password')
];
$this->Cookie->write('User', $data, true, '+1 week');
return true;
}
public function logout() {
$this->Auth->logout();
$this->Session->setFlash('Logged out');
$this->redirect($this->Auth->redirect('/'));
}
} //in $components
public $components = [
'Auth' => [
'authenticate' => [
'Authenticate.Token' => [
'parameter' => '_token',
'header' => 'X-MyApiTokenHeader',
'userModel' => 'User',
'scope' => ['User.active' => 1],
'fields' => [
'username' => 'username',
'password' => 'password',
'token' => 'public_key',
],
'continue' => true,
]
]
]
];
//Or in beforeFilter()
$this->Auth->authenticate = [
'Authenticate.Token' => [
'parameter' => '_token',
'header' => 'X-MyApiTokenHeader',
'userModel' => 'User',
'scope' => ['User.active' => 1],
'fields' => [
'username' => 'username',
'password' => 'password',
'token' => 'public_key',
],
'continue' => true,
]
];