Admin with Cake: Create new Application, or use with the same?

Question

I have build an e-commerce website with CakePHP Framework.

Now, i need to implement administration log-in, and orders/users management...

The big question is: Should i create a new App (a new CakePHP app folder), or use the existing one?

Using the same folder, would make me spend less time copying models, but, would considerably decrease 'security', because i would need to create methods for admin, and user...

Using separately framework, with almost the same models, would help me with the views... i would use another page template, and the log-in system would be different from the normal website.

So, what is the "best" solution for this case?

Thanks

Answer 1

Build the admin in the same app. It doesn't decrease security. You can easily control which controller methods are accessible by admin users with Prefix Routing. You can also change the view layout based on the route prefix. If you need something more fine-grained, Cake supports Access Control Lists for complex permissions systems.

In the end, your app will be much more maintainable if you are using a single set of models and controllers.

Here's a little code snippet I use in app_controller.php. This is from an app built in CakePHP 1.2, so it may need to be updated slightly for newer versions. This assumes that any registered user has access to the admin URLs, but that could easily be changed:

function beforeFilter(){
    if (isset($this->params['prefix']) && $this->params['prefix'] == 'admin') {
        if (!$this->Session->check('User')) {
            // save the url in the session so that you can redirect there after login
            $this->Session->write('lastPageVisited', $this->params['url']['url']);
            $this->redirect('/users/login/');
            exit();
        }
        // set the admin layout
        $this->layout = 'admin';
    }
}