azerto00

Reputation: 1000

Auth and ACL with condition in CakePHP

I can't find a solution to my problem. I have a CakePHP website using the Auth component and the ACL component. I do not want users who are not active to be able to log in.

I found that userScope in the Auth component can do that. So in my AppController, inside the beforeFilter, I added this:

    $this->Auth->userScope = array('User.active' => 1);

Of course in my UserController beforeFilter, a call to the parent method is made.

However, this doesn't work; I am still able to log in with a user who has active set to 0. I think it might be because of the ACL component?

Here is my beforeFilter in AppController:

    public function beforeFilter()
    {
        if (!$this->Session->check('Auth.User')) {
            $this->layout = 'identification';
        }
        $this->Auth->allow('display');

        // Configure AuthComponent
        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
        $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
        $this->Auth->loginRedirect = array('controller' => 'users', 'action' => 'welcome');
        $this->Auth->userScope = array('User.active' => 1);
    }

What am I missing?

Upvotes: 0

Views: 721

Answers (2)

nIcO

Reputation: 5001

The code you use is not valid with Cake 2. See http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#configuring-authentication-handlers

Here is some code that should work:

    $this->Auth->authenticate = array('Form' => array('scope' => array('User.active' => 1)));

Upvotes: 1

user1630599

Reputation:

If you don't make it, you can always use an alternative:

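    $user = $this->Auth->user();
    // Only check logged-in users; for anonymous visitors $user is empty.
    if (!empty($user) && $user['User']['active'] == 0) {
        // Set the flash before redirecting: redirect() exits by default.
        $this->Session->setFlash('You are not active.');
        $this->redirect($this->Auth->logout());
    }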

Upvotes: 2
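The two answers cover different moments: the `scope` option is evaluated only when the login form is submitted, so a session opened before an account was deactivated stays valid until it is re-checked. The following AppController for CakePHP 2.x combines both checks; it is an added example, not code from the question or either answer, and it assumes a `User` model with `id` and `active` columns and ACL authorization through the `Actions` handler.

```php
<?php
// Added example for CakePHP 2.x (assumed setup, not the asker's real code).
App::uses('Controller', 'Controller');

class AppController extends Controller {

    public $components = array(
        'Session',
        'Acl',
        'Auth' => array(
            // Login-time check: the Form handler only matches rows with active = 1.
            'authenticate' => array(
                'Form' => array('scope' => array('User.active' => 1)),
            ),
            // ACL decides what an authenticated user may do; it does not gate login.
            // The 'Actions' handler and actionPath are assumptions about the setup.
            'authorize' => array('Actions' => array('actionPath' => 'controllers')),
            'loginAction' => array('controller' => 'users', 'action' => 'login'),
            'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
            'loginRedirect' => array('controller' => 'users', 'action' => 'welcome'),
        ),
    );

    public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('display');

        // Per-request check: re-read the flag from the database, because the
        // copy of the user stored in the session dates from login time.
        $userId = $this->Auth->user('id');
        if ($userId !== null) {
            $this->loadModel('User');
            $active = $this->User->field('active', array('User.id' => $userId));
            // field() returns false for a deleted row, which also fails this test.
            if ((int)$active !== 1) {
                // Set the flash first: redirect() stops execution by default.
                $this->Session->setFlash('Your account is not active.');
                return $this->redirect($this->Auth->logout());
            }
        }
    }
}
```

The per-request lookup costs one query per request; the trade-off is that deactivation takes effect on the user's next request instead of at their next login.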
