1

We are working on a project where there are 4 roles. But in CakePHP 3.x the Auth component holds the authenticated user's data in the session under the Auth.User index using

    $this->Auth->setUser($user);

Due to this we are not able to access a front-end user account from the admin panel for some purposes, because when we log in as a front-end user from the admin panel, the front-end login action runs and overwrites the session value.

So if there is any process to handle this, please suggest it to us.

Thank you in advance.

3 Answers

2

As far as I have understood, you are not using a prefix to manage back-end and front-end users, so maybe you worked with a separate folder structure for the back-end. Am I right?

You are right that $this->Auth->setUser($user); always holds the session under the Auth.User index. So you need to write a different session index for the back-end, and you can do it as follows:

For back-end user authentication:

    $this->loadComponent('Auth', [
        'authorize' => ['Controller'], // Added this line
        'loginRedirect' => [
            'controller' => 'Users',
            'action' => 'dashboard',
            'prefix' => 'admin_panel'
        ],
        'logoutRedirect' => [
            'controller' => 'Users',
            'action' => 'login',
            'prefix' => 'admin_panel'
        ],
        'storage' => [
            'className' => 'Session',
            'key' => 'Auth.Admin',
        ]
    ]);

Here you can pass your desired index in the 'storage' array's 'key' value. I think it'll work for you.

Krishna Gupta
  • Thank you @Krishna Gupta, it works for me, and your answer fulfilled my requirement. Well done, thank you very much once again. – user7738665 May 06 '17 at 11:27
0

Check out the section Authentication and Authorization in this curated list of CakePHP Plugins.

You could, for example, use dereuromark's TinyAuth plugin to authorize your users and configure what they are able to see.

This way you can use the same authentication (be aware of the differences between Authentication and Authorization) and the same users table, which will prevent the Session conflict you mentioned.

Marijan
0

The Auth component overwrites the previous session because it stores the session in Auth.users all the time, so we have to change the session key for different roles.

If you are using a URL prefix for the different roles, then you can do it like this.

AppController.php

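    // Requires "use Cake\Event\Event;" at the top of AppController.php.
    public function beforeFilter(Event $event)
    {
        // The 'prefix' param may be absent on non-prefixed routes, so test
        // with !empty() to avoid an undefined index notice.
        if (!empty($this->request->params['prefix'])) {
            // Keep each prefix's identity under its own session key.
            $this->Auth->config('storage', [
                'key' => 'Auth.' . $this->request->params['prefix'],
                'className' => 'Session'
            ]);
        }

        return parent::beforeFilter($event);
    }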

This will create different roles in Auth as you required. The session will be like this:

    [
        'Auth' => [
            'User' => ['id' => ''],
            'Admin' => ['id' => ''],
        ]
    ]

Tested it, working great for me.

Aman Rawat
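An added example, not code from any of the answers or from CakePHP itself: a plain-PHP model of the per-prefix storage key described in the answers above, with the prefix resolved through a fixed allow-list so an unexpected prefix is rejected instead of creating a new session slot. The function names, the `$session` array standing in for the real session, and the prefix and key names are assumptions.

```php
<?php
// Added illustration in plain PHP (no CakePHP needed). The $session array
// stands in for the PHP session; prefix and key names are assumptions.

// Fixed map from routing prefix to session key; '' means "no prefix".
const STORAGE_KEYS = [
    ''            => 'Auth.User',
    'admin_panel' => 'Auth.Admin',
];

// Resolve the storage key. An unknown prefix is rejected rather than
// concatenated into a fresh "Auth.<prefix>" slot.
function storageKeyForPrefix(?string $prefix): string
{
    $prefix = $prefix ?? '';
    if (!array_key_exists($prefix, STORAGE_KEYS)) {
        throw new InvalidArgumentException('No session key for prefix: ' . $prefix);
    }
    return STORAGE_KEYS[$prefix];
}

// Store an identity under a dotted key such as "Auth.Admin".
function writeIdentity(array &$session, string $key, array $user): void
{
    [$root, $slot] = explode('.', $key, 2);
    $session[$root][$slot] = $user;
}

// Return the identity stored under a dotted key, or null if none.
function readIdentity(array $session, string $key): ?array
{
    [$root, $slot] = explode('.', $key, 2);
    return $session[$root][$slot] ?? null;
}

// Constructed sample data: an admin logs in, then logs in as a front-end user.
$session = [];
writeIdentity($session, storageKeyForPrefix('admin_panel'), ['id' => 1, 'role' => 'admin']);
writeIdentity($session, storageKeyForPrefix(null), ['id' => 42, 'role' => 'customer']);

// Both identities are still present, each under its own key.
print_r(readIdentity($session, 'Auth.Admin'));
print_r(readIdentity($session, 'Auth.User'));

try {
    storageKeyForPrefix('unexpected');
} catch (InvalidArgumentException $e) {
    echo $e->getMessage(), PHP_EOL;
}
```

With separate keys, each area's authorization check and logout has to read and clear only its own key, otherwise an admin session can outlive a front-end logout or the reverse.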