1

I’m working with CakePHP 4. Following the documentation, I set up ‘remember me’ cookie, when I pass login, I see in the browser the CookieAuth controller with correct values for username e password. Point is that when I logout, I still see the cookie in my browser (it will expires in few days) but I expected username e password input text with precompiled value in the login form. Is this the correct behaviour? I tried to get these fields populated but incurred in many different errors related to cookie reading/writing as Argument 1 passed to Cake\Http\Response::withCookie() must implement interface Cake\Http\Cookie\CookieInterface, string given

This is my code:

in app_local.php:

    ‘Security’ => [
    ‘salt’ => env(‘SECURITY_SALT’, ‘string’, //here my random string
    ],

-in Application.php


    $cookies = new EncryptedCookieMiddleware(
    [‘CookieAuth’],
    Configure::read(‘Security.cookieKey’)
    );

and inside getAuthenticationService(ServerRequestInterface $request), after Session and before Form:


    $authenticationService->loadAuthenticator(‘Authentication.Cookie’, [
    ‘rememberMeField’ => ‘remember_me’,
    ‘fields’ => [
    ‘username’ => ‘email’,
    ‘password’ => ‘password’,
    ],
    ‘loginUrl’ => ‘/’,
    ‘cookie’=>[
    ‘name’=>‘CookieAuth’,
    ‘expire’=> new DateTime(‘Thu, 31 Dec 20 15:00:00 +0000’)
    ]
    ]);

in UsersController, login function


    public function login()
    {
    $this->Authorization->skipAuthorization();
    $cookie = [‘email’=>’’, ‘password’=>’’, ‘remember_me’=>0];
    
          if ($this->request->getCookie('CookieAuth')) {
              $cookie = $this->request->getCookie('CookieAuth');
              debug('cookie');
          }
       
          // if remember_me
          if($this->request->getData('remember_me') == 1) {
        
             $this->response = $this->response->withCookie(new Cookie('CookieAuth'), $this->request->getData());
          }
          else {
              //$this->Cookie->delete('CookieAuth');
          }
          $this->set($cookie);
          // other code
      }

-Templates\Users\login.php:


        <?= $this->Form->control('email', ['required' => true]) ?>
        <?= $this->Form->control('password', ['required' => true]) ?> 
        <?= $this->Form->control('remember_me', ['type' => 'checkbox']);?> 
        <?= $this->Form->submit(__('Login')); ?>

Any help would be really appreciated, thanks.

Ethan
  • 45
  • 10
  • The Remember Me cookie is for creating a new login session automatically if you return to the site after your session has expired. If you log out, it should go away. It is not something to remember your username and pre-populate it in the login form. – Greg Schmidt Dec 07 '20 at 17:14

1 Answers1

0

Ii tried it on version 4.x. It works fine

  1. config/app.php

    'Security' => [
'salt' => env('SECURITY_SALT', 'string'),  //here my random string
'cookieKey' => env('SECURITY_COOKIE_KEY', 'string'),  //here my random string],

  2. Application.php | function middleware

    ->add(new EncryptedCookieMiddleware(['CookieAuth'],Configure::read('Security.cookieKey')))

  3. Application.php | function getAuthenticationService

    $service->loadAuthenticator('Authentication.Cookie', [ 'fields' => $fields, 'cookie' => [ 'name' => 'CookieAuth', 'expires' => (new Time())->addDays(30), ], 'loginUrl' => '/users/login', ]);

  4. <?= $this->Form->control('remember_me', ['type' => 'checkbox']);?>

ouflak
  • 2,458
  • 10
  • 44
  • 49
KenDzz
  • 39
  • 2
  • 7