I am not sure if this is the new Web 2.0 thing or not, but this version of Cake really ought to be a whole version step instead of an increment. I have been using CakePHP 1.1.x for a few different projects, and now have been messing around with 1.2.0.x for a little while now. A lot has changed in it. The Command Line Interface (CLI) is different than before, so when I first loaded it in then went to the shell to start baking, I was met by errors and messages. I expected to see similar things since this was an “incremental step from 1.1.x to 1.2.x, but there was a huge change from 1.1.x to 1.2.0.7296 RC2.
However, I got past the whole CLI and Baking, and started to continue through the other steps. Some of the ideas I like, and have started to explore are the Auth functionality. Not that this changes around the ACLs or replaces them, but a way to enhance the use of ACLs. In this application, I did not need any ACLs, but this Auth component helps out a lot. In the previous version of Cake, I wrote my own quick Auth component and tied it in with the AppController.php. Now, I just add in the Auth component in the AppController and then in the different controllers I create, I extend it and allow certain actions to be accessed based on login/no login. It does help, but there is still alot to do.
AppController.php:
class AppController extends Controller { var $components = array('Auth'); . . .
users_controller.php:
class UsersController extends AppController { function beforeFilter() { parent::beforeFilter(); // Set User allowed actions. $this->Auth->allow('register'); $this->Auth->autoRedirect = false; $this->Auth->authorize = 'controller'; $this->set('my_id', $this->Auth->user('user_id')); } function isAuthorized() { return true; }
In the AppController.php I set up the Auth to be used. In the individual controllers, I need to check the allowed actions in the Before Filter function. (I also have some actions in the Before Filter of the parent AppController for sub links, which is why it is inheriting the parent in the users controller. Maybe another post for those?)
In the users controller, I can allow certain actions by using the $this->Auth->allow() function. In this example, I only want people who have not logged in to access the register page. Auth also automatically allows everyone to access login, so there is no need to declare it. I could allow all actions by
$this->Auth->allow('*');
But I want to prevent people who have not logged in from seeing the user profile pages.
The next line is to stop the Auth redirect. Once authentication happens, it automatically redirects. I did not want this, so I stopped it by setting it to false. Next, I needed to allow for further checks when authentication happens against the ‘user’ model. Because I set this to ‘controller’, I needed to add the function ‘isAuthorized()’. Right now I have this returning true, which really is pointless as it does no additional checks, as of yet. But I needed to build this on for development when I get the profile model up. When it is up, there will be additional validation taking place.
Last, I am setting a variable based on the current user who has logged in. If there is a log in, then Auth will capture that in
$this->Auth->user('user_id');
NOTE: the ‘user_id’ is the name of the field for the user identifier. In my model/user table, I called it user_id.
This will now set the variable for use in other functions, and when I need to pull data based on this id. It may be a shortcut, it may not be, either way, it is real helpful to be able to call that in the before filter.
This is just one thing I liked about the new version. It may have been in the older version, but I never saw it or used it. But there are other things I really like as well.
I like CakePHP.
I like CakePHP as well.