I've read the documentation for the Authentication core library , and it's not really clear how to use it. It seems to assume a lot of prior knowledge.
Specifically:
You configure authentication handlers using $this->Auth->authenticate. You can configure one or many handlers for authentication. Using multiple handlers allows you to support different ways of logging users in. When logging users in, authentication handlers are checked in the order they are declared. Once one handler is able to identify the user, no other handlers will be checked. Conversely you can halt all authentication by throwing an exception. You will need to catch any thrown exceptions, and handle them as needed.
You can configure authentication handlers in your controller’s beforeFilter or, in the $components array. You can pass configuration information into each authentication object, using an array:
So in my PeopleController I wrote in the example code:
<?php
class PeopleController extends AppController {
public $helpers = array('Html', 'Form');
$this->Auth->authenticate = array(
AuthComponent::ALL => array('userModel' => 'Member'),
'Form',
'Basic'
);
public function index() {
}
}
And this exception fires:
syntax error, unexpected '$this' (T_VARIABLE), expecting function (T_FUNCTION) Error: An Internal Error Has Occurred.
Stack Trace CORE\Cake\Error\ErrorHandler.php line 162 → ErrorHandler::handleFatalError(integer, string, string, integer) [internal function] → ErrorHandler::handleError(integer, string, string, integer, array) CORE\Cake\Core\App.php line 926 → call_user_func(string, integer, string, string, integer, array) CORE\Cake\Core\App.php line 899 → App::_checkFatalError() [internal function] → App::shutdown()
Can anybody provide a simple example of how to protect a Controller so only an authenticated user can access it? Can I also protect individual Action functions?
