}
return $this->redirect(['action' => 'index']);
}
+
public function login()
{
if ($user) {
$this->Auth->setUser($user);
return $this->redirect($this->Auth->redirectUrl());
+ }else {
+ $message = __("Bad User name or bad password.");
}
- $this->Flash->error(__('Votre username ou mot de passe est incorrect.'));
+ $this->set([
+ 'message' => $message,
+ 'user' => $user,
+ '_serialize' => ['message', 'user']
+ ]);
}
}
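Review bot: The failed-login branch still answers with the default success status, so a client consuming the serialized `message` and `user` can only detect a rejected login by parsing the message text. Setting an explicit status in the `else` branch, for example `$this->response->statusCode(401);` next to the `$message` assignment, would make failures distinguishable for API clients and countable in access logs. The start of login(), where `$user` is obtained, is outside this hunk, so this assumes `$user` is the result of the Auth identify call.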
+
+ public function logout()
+ {
+ return $this->redirect($this->Auth->logout());
+ }
-
-
-
+
/**
* Manage all rights for the controllers' actions.
* Returns true if the user can use the currrent action, FALSE otherwise.
*/
public function isAuthorized($user)
{
- debug($this->request->action);
// All registered users can add projects
if ($this->request->action === 'add') {
return true;
}
-// if (in_array($this->request->action, ['edit', 'delete'])) {
-//// if ($this->Auth->user('id') == $user['id']) {
-//// return true;
-//// }
-// return false;
-// }
-
+ if (in_array($this->request->action, ['edit', 'delete'])) {
+ if ($this->Auth->user('id') == $user['id']) {
+ return true;
+ }
+ return false;
+ }
return parent::isAuthorized($user);
}
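Review bot: The re-enabled `edit`/`delete` check compares `$this->Auth->user('id')` with `$user['id']`, but the `$user` that the framework hands to isAuthorized() is the logged-in user, so both sides name the same identity. The branch therefore returns true for every authenticated user and never looks at which record is being edited or deleted. The check should take the target id from the request, e.g. `$id = (int)$this->request->params['pass'][0];`, load that record, and compare its owner column (placeholder: `<owner_field>`) with `$user['id']` using `===`. The comment about "projects" also looks copied from another controller and should name the resource this controller actually guards.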
];
}
+
}
$this->loadComponent('RequestHandler');
-
-
-
-
$this->loadComponent('Flash');
-// $this->loadComponent('Auth', [
-// 'authenticate' => [
-// 'Form' => [
-// 'fields' => [
-// 'username' => 'username',
-// 'password' => 'password'
-// ]
-// ]
-// ],
-// 'loginAction' => [
-// 'controller' => 'Users',
-// 'action' => 'login'
-// ],
-// 'loginRedirect' => [
-// 'controller' => 'Softwares',
-// 'action' => 'index'
-// ],
-// 'logoutRedirect' => [
-// 'controller' => 'Pages',
-// 'action' => 'display',
-// 'home'
-// ]
-// ]);
-//
-// //Autorise l'action display pour que notre controller de pages
-// // continue de fonctionner.
-// $this->Auth->allow(['display']);
-
+
+ $this->loadComponent('Auth', [
+ 'authenticate' => [
+ 'Form' => [
+ 'fields' => ['username' => 'username', 'password' => 'password']
+ ]
+ ]
+ ,'logoutRedirect' => [
+ 'controller' => 'Pages',
+ 'action' => 'display',
+ 'home'
+ ]
+ ]);
}
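Review bot: The new `loadComponent('Auth', …)` call configures `authenticate` and `logoutRedirect` but no `authorize` key. With AuthComponent, authorization handlers run only when `authorize` is set, so unless it is configured elsewhere the isAuthorized() methods touched in this commit are never consulted and every logged-in user is allowed every action. Adding `'authorize' => ['Controller'],` to this array would route requests through isAuthorized(). The method enclosing this call starts outside the hunk.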
public function isAuthorized($user)
}
// Par défaut refuser
- return false;
+ return true;
}
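Review bot: Changing the fallback from `return false;` to `return true;` makes the base isAuthorized() fail open, while the comment above it still says to deny by default (`// Par défaut refuser`). Every controller that ends with `return parent::isAuthorized($user);` now grants any action it did not explicitly reject. I would keep `return false;` here and add explicit allow rules in the controllers that need them. The earlier part of this method is outside the hunk, so any role checks before the fallback are not visible.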
* @param Event $event
*/
public function beforeFilter(Event $event) {
+ $this->Auth->allow(['add', 'logout']);
parent::beforeFilter($event);
}
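Review bot: `$this->Auth->allow(['add', 'logout']);` opens `add` to unauthenticated requests. If this is the users controller, the User entity elsewhere in this commit keeps `'*' => true` in its accessible fields, so an anonymous registration could also set fields such as `user_type_id`. That is inferred from the entity and rules lines visible on this page; the `add` action itself is not shown. If so, the `add` action should pass an explicit field whitelist to patchEntity(), or `_accessible` should list only the fields a visitor may set. A short comment above the call explaining why `add` is public would help the next reader.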
namespace App\Model\Entity;
use Cake\ORM\Entity;
+ use Cake\Auth\DefaultPasswordHasher;
/**
* User Entity.
'*' => true,
'id' => false,
];
+
+
+ protected function _setPassword($password)
+ {
+ return (new DefaultPasswordHasher)->hash($password);
+ }
+
+
}
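Review bot: `_setPassword()` hashes whatever it receives, including an empty string, so an edit form submitted with a blank password field would replace the stored hash with the hash of `''`. Guard the mutator as the framework documentation does: `if (strlen($password) > 0) { return (new DefaultPasswordHasher)->hash($password); }`. Validation should also require a non-empty password on create. The method has no docblock; a one-line comment saying it hashes the plaintext on assignment would make that behaviour clear.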
use Cake\ORM\Table;
use Cake\Validation\Validator;
+/**
+ * For authentification
+ */
+use Cake\Auth\DefaultPasswordHasher;
+use Cake\Utility\Text;
+use Cake\Event\Event;
+
/**
* Users Model
*
$rules->add($rules->existsIn(['user_type_id'], 'UserTypes'));
return $rules;
}
+
+
+ /**
+ * Before save an user
+ * @param \App\Controller\Api\V1\Event $event
+ * @return boolean
+ */
+ public function beforeSave(Event $event)
+ {
+ $entity = $event->data['entity'];
+
+ if ($entity->isNew()) {
+ $hasher = new DefaultPasswordHasher();
+
+ // Generate an API 'token'
+ $entity->api_key_plain = sha1(Text::uuid());
+
+ // Bcrypt the token so BasicAuthenticate can check
+ // it during login.
+ $entity->api_key = $hasher->hash($entity->api_key_plain);
+ }
+ return true;
+ }
}
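Review bot: The API token is built as `sha1(Text::uuid())`, which adds no entropy beyond the UUID, and depending on the framework version `Text::uuid()` may not be backed by a CSPRNG. I would generate it directly from a secure source, e.g. `$entity->api_key_plain = bin2hex(Security::randomBytes(32));` with `use Cake\Utility\Security;`, or `random_bytes()` on PHP 7. If `api_key_plain` is a real column, the plaintext token is stored next to its hash, which defeats the hashing; it should be a virtual field shown once at creation. The docblock's `@param \App\Controller\Api\V1\Event` should read `\Cake\Event\Event`. The comment refers to BasicAuthenticate, while the Auth configuration in this commit enables only `Form`.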