// Tail of a session-store configuration call whose head lies above this excerpt
// (presumably Session::config()): a cookie-backed store plus PHP-backed 'default'
// and 'flash_message' stores.  The 'cookie' store is what the remember-me
// filters below write to.
    array('adapter' => 'Cookie'),
    'default' => array('adapter' => 'Php'),
    'flash_message' => array('adapter' => 'Php')
));

// Form-based authentication against the User model.  Credentials are looked up
// by 'username' and 'password'; the password filters below replace the
// framework's own hashing with the application's salted scheme.
Auth::config(array(
    'default' => array(
        'adapter' => 'Form',
        'model' => 'User',
        'cookie' => '',
        'fields' => array('username', 'password'),
        //'scope' => array('active' => 'true'),
        //The active field must be true otherwise they can't auth, though we need
        //to eventually send them to a page that explains they are banned.
        'session' => array('options' => array('name' => 'default')),
        'filters' => array(
            // Identity filter: returning the password unchanged prevents li3 from
            // hashing it before the record-level filter below runs.
            'password' => function($password) {
                return $password;
            },
            // Record-level filter: rewrites the submitted password into the hash
            // that is stored for this username, so the adapter's lookup matches.
            function($data) {
                if (!empty($data['username'])) {
                    //Find the first record that matches the username in the request and read its salt field
                    $salt = User::find('first', array('conditions' => array('username' => $data['username'])));
                    //The password to query is the password from the request
                    //hashed with the user's stored salt.
                    // NOTE(review): if no record matches, User::find() presumably returns
                    // null and `$salt->salt` is read from a non-object — confirm how the
                    // adapter behaves for an unknown username.
                    // NOTE(review): `String` is a reserved class name from PHP 7.0 on;
                    // confirm the framework version this targets.
                    $data['password'] = String::hashPassword($data['password'], $salt->salt);
                }
                return $data;
            })
        )
));

// Key captured by the remember-me 'check' filter below.  NOTE(review): it is
// hard-coded in source; it should come from configuration rather than the
// code base.
$secret = "cake";
// Adds remember feature for form-based authentications.
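// "Remember me" for form-based authentication.  On a successful check with
// `remember` set in the request, the user's identifying fields are stored in the
// cookie-backed session; on a later request with no live session, that stored
// record is used to look the user up again.
//
// The stored value is base64(JSON) followed by '.' and an HMAC-SHA256 over the
// payload keyed with $secret.  JSON replaces serialize(): the value round-trips
// through the client, and unserialize() on client-supplied input permits object
// injection.  The MAC lets a tampered cookie be rejected before any lookup; how
// much that buys depends on the strength of $secret.  Cookies written in the old
// serialized format no longer validate, so those users sign in once more.
// hash_equals() requires PHP >= 5.6.
Auth::applyFilter('check', function($self, $params, $chain) use ($secret) {
    $query = 'first';
    $scope = array();
    // Pulls $adapter, $model, $fields (and optionally $query / $scope) from the
    // named Auth configuration.
    extract($self::invokeMethod('_config', array($params['name'])));
    $key = "Auth.{$params['name']}";
    $store = array('name' => 'cookie');

    if ($result = $chain->next($self, $params, $chain)) {
        $request = $params['credentials'];
        if ($request && $adapter == 'Form' && !empty($request->data['remember'])) {
            $data = array_intersect_key($result, array_combine($fields, $fields));
            $payload = base64_encode(json_encode($data));
            $mac = hash_hmac('sha256', $payload, $secret);
            Session::write($key, "{$payload}.{$mac}", $store);
        }
        return $result;
    }

    if ($adapter == 'Form') {
        $stored = Session::read($key, $store);
        if ($stored) {
            // base64 and hex contain no '.', so the first '.' separates payload and MAC.
            $parts = explode('.', (string) $stored, 2);
            if (count($parts) !== 2) {
                return $result;
            }
            list($payload, $mac) = $parts;
            // Constant-time comparison so a forged cookie cannot be refined by timing.
            if (!hash_equals(hash_hmac('sha256', $payload, $secret), $mac)) {
                return $result;
            }
            $data = json_decode(base64_decode($payload), true);
            // Only a record carrying exactly the configured fields is looked up.
            if (is_array($data) && array_keys($data) === $fields) {
                $model = Libraries::locate('models', $model);
                $data = array_map('strval', $data);
                $user = $model::$query($scope + $data);
                if ($user) {
                    return $self::set($params['name'], $user->data());
                }
            }
        }
    }
    return $result;
});

// Removes the remember-me cookie on sign out so the next request cannot
// silently re-authenticate from it.
Auth::applyFilter('clear', function($self, $params, $chain) {
    $config = $self::invokeMethod('_config', array($params['name']));
    if ($config['adapter'] == 'Form') {
        $key = "Auth.{$params['name']}";
        $store = array('name' => 'cookie');
        if (Session::read($key, $store)) {
            Session::delete($key, $store);
        }
    }
    return $chain->next($self, $params, $chain);
});

// Access control for every dispatched action, applied in one place rather than
// per controller.  Signed-in users reach anything except the admin controller,
// which needs a 'root' or 'admin' level; anonymous users reach only the actions
// a controller lists in $publicActions and are otherwise sent to /login.
Dispatcher::applyFilter('_callable', function($self, $params, $chain) {
    // Resolve the controller first, then decide whether it may run.
    $ctrl = $chain->next($self, $params, $chain);
    // The original closures captured an undefined $request, so the redirect
    // Response was built without the request; take it from the dispatch params.
    $request = $params['request'];
    $redirect = function($location) use ($request) {
        return function() use ($request, $location) {
            return new Response(compact('request') + array('location' => $location));
        };
    };

    $user = Auth::check('default');
    if ($user) {
        $level = isset($user['level']) ? $user['level'] : null;
        if ($ctrl->request->controller == 'admin' && !in_array($level, array('root', 'admin'), true)) {
            // Admin controller is not public for ordinary accounts.
            return $redirect('/');
        }
        return $ctrl;
    }
    if (isset($ctrl->publicActions) && in_array($request->action, $ctrl->publicActions, true)) {
        return $ctrl;
    }
    return $redirect('/login');
});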