CODEWITHSUNDEEP
authenticationcakephpauthorizationcakephp-3.0
datalore
datalore

Reputation: 327

CakePHP 3.2: Prevent authError showing when user is not logged in

Even when user is not logged in and tries to open homepage, after being redirected to login page, authError is displayed.Is there an elegant way to prevent this, without modifying Auth component? This is how I load Auth component(I am using TinyAuth as authorization adapter):

$this->loadComponent('Auth', [
                'loginAction' => [
                    'controller' => 'Users',
                    'action' => 'login'
                ],
                'loginRedirect' => [
                   'controller' => 'Home',
                   'action' => 'index'
                ],
                'authError' => 'You dont have permissions for that action',
                'authenticate' => [
                    'Form' => [
                        'fields' => [
                            'username' => 'email',
                            'password' => 'password'
                        ],
                        'scope' => ['Users.active' => true],
                        'contain' => ['Roles']
                    ]
                ],
                'authorize' => [
                    'TinyAuth.Tiny' => [
                        'roleColumn' => 'role_id',
                        'rolesTable' => 'Roles',
                        'multiRole' => true,
                        'pivotTable' => 'roles_users',
                        'superAdminRole' => null,
                        'authorizeByPrefix' => false,
                        'prefixes' => [],
                        'allowUser' => false,
                        'adminPrefix' => null,
                        'autoClearCache' => true
                    ] 
                ]
            ]
        );

Upvotes: 2

Views: 1294

Answers (1)

Sevvlor
Sevvlor

Reputation: 560

According to CakePHP's documentation you can prevent the error message from being shown by setting authError to false.

Sometimes, you want to display the authorization error only after the user has already logged-in. You can suppress this message by setting its value to boolean false.

This should disable the error message:

if (!$this->Auth->user()) {
    $this->Auth->config('authError', false);
}

Upvotes: 7

Related Questions