ceeram / authenticate
CakePHP plugin with authentication classes for AuthComponent.
Installs: 1 316
Dependents: 0
Suggesters: 0
Security: 0
Stars: 5
Watchers: 2
Forks: 39
Type:cakephp-plugin
Requires
- php: >=5.3.0
- composer/installers: *
This package is auto-updated.
Last update: 2024-10-13 10:00:51 UTC
README
Plugin containing some authenticate classes for AuthComponent.
Current classes:
- MultiColumnAuthenticate, allow login with multiple db columns in single username field For example username or email
- CookieAuthenticate, login with a cookie
- TokenAuthenticate, login with a token as url parameter or header
GoogleAuthenticate is moved to separate repo: https://github.com/ceeram/GoogleAuthenticate
Requirements
- PHP 5.3
- CakePHP 2.x
Installation
[Composer]
run: composer require friendsofcake/authenticate
or add friendsofcake/authenticate
to require
in your applications composer.json
[Manual]
- Download this: http://github.com/FriendsOfCake/Authenticate/zipball/master
- Unzip that download.
- Copy the resulting folder to app/Plugin
- Rename the folder you just copied to Authenticate
[GIT Submodule]
In your app directory type:
git submodule add git://github.com/FriendsOfCake/Authenticate.git Plugin/Authenticate
git submodule init
git submodule update
[GIT Clone]
In your plugin directory type
git clone git://github.com/FriendsOfCake/Authenticate.git Authenticate
Usage
In app/Config/bootstrap.php
add: CakePlugin::load('Authenticate')
;
Configuration:
Setup the authentication class settings
MultiColumnAuthenticate:
//in $components public $components = array( 'Auth' => array( 'authenticate' => array( 'Authenticate.MultiColumn' => array( 'fields' => array( 'username' => 'login', 'password' => 'password' ), 'columns' => array('username', 'email'), 'userModel' => 'User', 'scope' => array('User.active' => 1) ) ) ) ); //Or in beforeFilter() $this->Auth->authenticate = array( 'Authenticate.MultiColumn' => array( 'fields' => array( 'username' => 'login', 'password' => 'password' ), 'columns' => array('username', 'email'), 'userModel' => 'User', 'scope' => array('User.active' => 1) ) );
CookieAuthenticate:
//in $components public $components = array( 'Auth' => array( 'authenticate' => array( 'Authenticate.Cookie' => array( 'fields' => array( 'username' => 'login', 'password' => 'password' ), 'userModel' => 'SomePlugin.User', 'scope' => array('User.active' => 1) ) ) ) ); //Or in beforeFilter() $this->Auth->authenticate = array( 'Authenticate.Cookie' => array( 'fields' => array( 'username' => 'login', 'password' => 'password' ), 'userModel' => 'SomePlugin.User', 'scope' => array('User.active' => 1) ) );
Setup both:
It will first try to read the cookie, if that fails will try with form data:
//in $components public $components = array( 'Auth' => array( 'authenticate' => array( 'Authenticate.Cookie' => array( 'fields' => array( 'username' => 'login', 'password' => 'password' ), 'userModel' => 'SomePlugin.User', 'scope' => array('User.active' => 1) ), 'Authenticate.MultiColumn' => array( 'fields' => array( 'username' => 'login', 'password' => 'password' ), 'columns' => array('username', 'email'), 'userModel' => 'User', 'scope' => array('User.active' => 1) ) ) ) );
Security
For enhanced security, make sure you add this code to your AppController::beforeFilter()
if you intend to use Cookie
authentication:
public function beforeFilter() { $this->Cookie->type('rijndael'); //Enable AES symetric encryption of cookie }
Setting the cookie
Example for setting the cookie:
<?php App::uses('AppController', 'Controller'); /** * Users Controller * * @property User $User */ class UsersController extends AppController { public $components = array('Cookie'); public function beforeFilter() { $this->Cookie->type('rijndael'); } public function login() { if ($this->Auth->loggedIn() || $this->Auth->login()) { $this->_setCookie(); $this->redirect($this->Auth->redirect()); } } protected function _setCookie() { if (!$this->request->data('User.remember_me')) { return false; } $data = array( 'username' => $this->request->data('User.username'), 'password' => $this->request->data('User.password') ); $this->Cookie->write('User', $data, true, '+1 week'); return true; } public function logout() { $this->Auth->logout(); $this->Session->setFlash('Logged out'); $this->redirect($this->Auth->redirect('/')); } }
TokenAuthenticate
//in $components public $components = array( 'Auth' => array( 'authenticate' => array( 'Authenticate.Token' => array( 'parameter' => '_token', 'header' => 'X-MyApiTokenHeader', 'userModel' => 'User', 'scope' => array('User.active' => 1), 'fields' => array( 'username' => 'username', 'password' => 'password', 'token' => 'public_key', ), 'continue' => true ) ) ) ); //Or in beforeFilter() $this->Auth->authenticate = array( 'Authenticate.Token' => array( 'parameter' => '_token', 'header' => 'X-MyApiTokenHeader', 'userModel' => 'User', 'scope' => array('User.active' => 1), 'fields' => array( 'username' => 'username', 'password' => 'password', 'token' => 'public_key', ), 'continue' => true ) );