in my cakephp app with custom auth implementation (see here) i would like to check the auth of a user in the beforefilter method and if he/she is not authenticated i would like to manually render an error page and quit. My problem here is that it seems the auth object gets only filled with data AFTER the action call to an action which require auth. i would need to access auth data in my beforefilter function. how to achieve this? if i try to access it auth->user() it returns NULL, loggedIn() returns always false (because there is no data, makes sense)
Asked
Active
Viewed 810 times
2
-
sorry i confused beforerender with beforefilter - corrected it now - i meant beforefilter – Omegavirus Jun 11 '14 at 10:33
-
1I use a custom authenticate (ldap) too and in my `AppController` `beforeFilter` method i can call `$this->Auth->user()` without problems and I get my user data. I think that maybe the problem is that your authenticate method in your TokenAuthenticate never returns a user array – arilia Jun 11 '14 at 11:33
4 Answers
4
There's no need to check yourself whether a user is authenticated and show error page. Just add a unauthenticated() method to your custom authenticate class like the BasicAuthenticate class does (without setting the headers). The error handler using the exception renderer will generate appropriate error page.
ADmad
- 8,102
- 16
- 18
-
That is great! How to output this as json array with 'error' => 'NOT_AUTHORIZED'? – Omegavirus Jun 11 '14 at 20:30
-
1If you setup "json" extension parsing in your routes.php and include RequestHandler in AppController Cake will automatically return an appropriate json response. If you want to customize the response format you will have to use a custom exception renderer and return the response you like for the particular exception. – ADmad Jun 12 '14 at 05:40
4
I stumbled upon this question and the proposed solution did't work for me.
The proper way to get auth information in beforeFilter in Cakephp 3 is to call
$this->Auth->config('checkAuthIn', 'Controller.initialize');
right after loading the auth component. This is especially useful in stateless authentication scenarios (e.g. token authentication).
You can then get user information in beforeFilter by calling
$user = $this->Auth->user();
See the docs http://book.cakephp.org/3.0/en/controllers/components/authentication.html#deciding-when-to-run-authentication
strohne
- 165
- 2
- 5
-
-
in cake 2.x this one line can be a life savior $this->Auth->startup($this); – Farhan Nov 01 '19 at 15:35
2
from the manual:
class CustomAuthenticate extends BaseAuthenticate {
public function authenticate(CakeRequest $request, CakeResponse $response) {
// Return an array of user if they could authenticate the user,
// return false if not
}
}
you authenticate method should return an array with the user data. From your link to the other question it seems that it doesn't
arilia
- 9,373
- 2
- 20
- 44
-
I'm a little bit confused right now. My authentication class is stateless so i only need the getuser function in the auth class and the login/logout function in the user class or am i wrong here? i thought the authenticate function only gets called when calling auth->login()? I will try it out and mark your answer as the correct one if it works. thanks! – Omegavirus Jun 11 '14 at 16:13
-
if i put a $User = ClassRegistry::init('User'); and return $User->findById(1)['User']; into the authenticate method it still doesn't work.. the authenticate method isn't called at all.. – Omegavirus Jun 11 '14 at 16:27
-
i stuck with this. i implemented the suthenticate method, its returns the user array, but how can i set the Auth->user in this point? using $this->Auth->setUser($user) allways drive me an error that session is already started – Andrewboy Oct 11 '20 at 13:50
