CODEWITHSUNDEEP
cakephp
PCC
PCC

Reputation: 73

CakePHP Logout issues

I know this must be something really stupid, but I am having issues with logging out. I can still see the full user Auth variable after calling Auth->logout(). In my users controller I have the standard:

function login()
{
}

function logout()
{
  $this->redirect($this->Auth->logout());
}

But when I call logout, in my view I can still print the User by doing this:

$auth = $this->Session->read('Auth.User');
print "<pre>";
print_r($auth);
print "</pre>";

Am I missing something basic here? Thanks!

Upvotes: 1

Views: 5489

Answers (7)

joe.smack
joe.smack

Reputation: 81

you have not allowed the use of the logout function, and the user is redirected instead of logged out.

in your controller containing logout the function, add this in your before filter:

    $this->Auth->allow('logout');

Upvotes: 5

oneoftheguys
oneoftheguys

Reputation: 11

You'll find that if you just create a beforeFilter() function in UserController with that one line, you'll break the authorization on the Users model. That is, any user will be able to do users/add, users/edit, etc. To fix this, make sure you call AppController's beforeFilter. The complete beforeFilter() function looks like this:

public function beforeFilter() {
        parent::beforeFilter();
        $this->Auth->allow('logout');
}

Upvotes: 1

jcamejo
jcamejo

Reputation: 95

In your app controller you must define a loginAction, in case of a not authorized entry, the view is redirected to that URL

'Auth' => array(
    'loginRedirect' => array('controller' => 'products', 'action' => 'all'),
    'logoutRedirect' => array('controller' => 'products', 'action' => 'index'),
    'loginAction' => array('controller'=>'admins', 'action'=>'login'),
)

Upvotes: 1

Jacek Kaniuk
Jacek Kaniuk

Reputation: 5229

mine:

function logout() {
    $this->Session->destroy();
    $this->redirect($this->Auth->logout());
}

Upvotes: 5

mark
mark

Reputation: 21743

I can't see a reason why this shoudn't work as I use exactly the same code... did you confirm that the method is actually called? a simple "die('xyz')" etc before the Auth logout part can confirm that your action code is triggered.

Upvotes: 0

Anh Pham
Anh Pham

Reputation: 5481

what cake version do you have? I think you have to manually clear session in Cake 1.2. In newer Cake, if the logout function is called, it would clear out Auth.User; I'm sure on that.

Upvotes: 0

smdvlpr
smdvlpr

Reputation: 1088

If CakePHP is using PHP sessions and not rolling their own, you could just clear out the session on logout via session_destroy();. Sorry I have no CakePHP experience, so I'm just going off of an assumption.

Upvotes: 0

Related Questions