cakePHP auth component not working

Question

I have an issue with cake's auth that I simply can't seem to get past (i've been debugging and trying different tutorials for the last two days). As far as I can see it should be very simple, the problem is whenever i try to login, it just refreshes the login page. I cannot for the life of me figure out why! My only conclusion is that there must be something (basic) which tutorials take for granted that I have missed.

Here are a couple of snippets:

users_controller.php

class UsersController extends AppController {

    var $name = 'Users';

    function beforeFiler() {
        parent::beforeFilter();
    }
    function login() {
    }

    function logout() {
        $this->Session->setFlash('You have successfully logged out.');
        $this->redirect($this->Auth->logout());
    }
}

app_controller.php

class AppController extends Controller {

    var $helpers = array('Html','Form','Javascript');
    var $components = array('Auth');

    function beforeFilter() {

        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
        $this->Auth->loginRedirect = array('controller' => 'contents', 'action' => 'index');
        $this->Auth->logoutRedirect = array('controller' => 'contents', 'action' => 'view');
        $this->Auth->loginError = 'Something went wrong';
        $this->Auth->allow('register', 'view');
        $this->Auth->authorize = 'controller';
        $this->set('loggedIn', $this->Auth->user('id'));
    }

    function isAuthorized() {
        return true;
    }
}

login.ctp

<div class="midCol short">
    <h3>Login</h3>
    <div class="loginBox">
    <?php e($form->create('User', array('controller'=>'users','action'=>'login')));?>
        <?php
        echo $this->Form->input('username');
        echo $this->Form->input('password');
        e($this->Form->end(array('label'=>'Login', 'class'=>'loginButton button png')));?>
    </div>
</div>

Any help would be greatly appreciated, this has me tearing my hair out!

Answer 1

Correct me if i am wrong but must there not be code for redirection or something inside the function of login

function login() {
}

should it not be something like

public function login()
{
if ($this->request->is('post')) {
    $user = $this->Auth->identify();
    if ($user) {
        $this->Auth->setUser($user);
        return $this->redirect($this->Auth->redirectUrl());
    }
    $this->Flash->error(__('Invalid username or password, try again'));
    }
}

Answer 2

Gonna throw something in here. I was having an almost unresolveable problem with cakephp authentication. Ended up doing some debugging around it and found that during my database prep I had created a field for the password which was perfectly able to store normal size passwords... but.... when you start applying password hashing you need a lot more. My code was fine, but I had to add a bunch more space into the VARCHAR field for the password before I could log in. If you're having a problem with authentication - make sure your password field is adequately sized and not getting truncated like mine was. Took me a whole day to find that. DOH!

Answer 3

Just for documentation as I had difficulties finding an answer for CakePHP 2.x on the web. This stuff needs to be "correct" in order to use Form authentication:

• The config needs to be right, e.g. in your UsersController (the fields config is really only required when names differ in the DB):

  public $components = array(
      'Auth' => array(
          'authenticate' => array(
              'Form' => array(
                  'fields' => array(
                      'username' => 'username',
                      'password' => 'password'
                  ),
              )
          )
      )
  );
  

• You have to use the Form Helper: Form->create adds a hidden input field ("post"), and the names of the input fields generated by Form->input() follow a convention that the Auth component expects.

• User->login must not pass custom data to Auth->login(). The Auth component will take the auth data from the form (= request).

Answer 4

I had the exact same problem and found that I had to restart mySQL service. Once it was restarted I stopped getting the login page being redirected. Hope that helps.

Answer 5

The Auth component will redirect to the page before you logged in. If that page was the login page that's where it'll redirect to.

When you're testing, it's likely that you're refreshing the login page, so on successful login that's where you're redirected to. You can check this by trying to perform an Auth protected action after logging in.

This gives me a lot of headaches as well - I think the current functionality of the component is a little clumsy in that respect.

Answer 6

Thanks for the advice, but I ended up scrapping it and building again from scratch. Not exactly sure why it was originally breaking, probably not calling inbuilt functions with American English!