CODEWITHSUNDEEP
cakephpcomponentsauthentication
latata
latata

Reputation: 1723

CakePHP Auth Component authorization without user model

Is it possible to use Auth Component without user model? I want to have only one user of my application so I don't want to make user model I just want to login with one login/password which would be stored in php file.

Upvotes: 1

Views: 1643

Answers (2)

masakielastic
masakielastic

Reputation: 4640

Althogh you can create a custom authentication class, I have no idea for using it except learning the behavior of internal.

// Controller/Component/Auth/CustomBasicAuthenticate.php
class CustomBasicAuthenticate {

    public function authenticate(CakeRequest $request, CakeResponse $response) {
        return true;
    }

    public function getUser($request) {
        if (env('PHP_AUTH_USER') === 'foo' && env('PHP_AUTH_PW') === 'bar') {
            return array(
                'User' => array(
                    'id' => '1', 'username' => 'foo', 'password' => 'bar'
                )
            );
        } else {
            return false;
        }
    }

    public function unauthenticated(CakeRequest $request, CakeResponse $response) {
        $response->statusCode('401');
        $response->header('WWW-Authenticate: Basic realm="My Realm"');
        $response->body('fail');
        $response->send();
    }
}

// Controller/HelloController.php
class HelloController extends AppController {

    public $autoRender = false;
    public $uses = array('User');

    public $components = array(
        'Auth' => array(
            'loginAction' => array(
            'controller' => 'hello',
            'action' => 'index',
        ),
            'authenticate' => array(
                'CustomBasic' => array('userModel' => 'User')
            )
        )
    );

    public function index() {
        echo 'ok';
    }
}

Upvotes: 0

Charles Sprayberry
Charles Sprayberry

Reputation: 7853

The simple answer is No.

The longer answer is that you want to use the model to store this information. Storing user passwords in a PHP file is a very bad idea, in my opinion. You'd be setting your system up to be completely inflexible. What happens when you get 5 more users?

It would be much better to have a users database table setup with 1 record then a users PHP file. And it'll be a lot less work in the long run since Cake's AuthComponent is setup to work off a database table.

Also, read this post on Stack Overflow about storing passwords. It will provide some insight on why Cake's AuthComponent works the way it does.

Upvotes: 6

Related Questions