Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Cakephp Auth with multiple "Users" tables

I would like to know how to deal with only ONE authentification process and "users" in multiple tables. I have 4 Users table: users, admins, artists, teamadmins which all have specific fields, but I would like all of these users to be able to connect via only one form on the homepage, and being redirected after that to their specific dashboards.

I think the redirections shouldn't be a problem, and some routes added should work, but I really don't know where to look/start to ake this all possible.

Cheers,
Nicolas.

EDIT: here's the final solution (thanks to deizel)

App::import('Component', 'Auth');
class SiteAuthComponent extends AuthComponent {

    function identify($user = null, $conditions = null) {
        $models = array('User', 'Admin', 'Artist');
        foreach ($models as $model) {
            $this->userModel = $model; // switch model
            $this->params["data"][$model] = $this->params["data"]["User"]; // switch model in params/data too
            $result = parent::identify($this->params["data"][$model], $conditions); // let cake do its thing
            if ($result) {
                return $result; // login success
            }
        }
        return null; // login failure
    }
}
like image 848
Nicolas Avatar asked Jun 04 '10 11:06

Nicolas


2 Answers

CakePHP's AuthComponent only supports authentication against a single "User" model at a time. The model is chosen by setting the Auth::userModel property, but it only accepts a string and not an array of models.

You can switch the userModel on the fly with the following code, but this requires you to know in advance which model to switch to (eg. your users have to choose their account type from a dropdown):

public function beforeFilter() {
    if (isset($this->data['User']['model'])) {
        $this->Auth->userModel = $this->data['User']['model'];
    }
}

You can likely extend the core AuthComponent to add the functionality you want by overwriting the AuthComponent::identify() method so it loops over and attempts authentication with each model:

App::import('Component', 'AuthComponent');
class AppAuthComponent extends AuthComponent {

    function identify($user = null, $conditions = null) {
        $models = array('User', 'Admin', 'Artist', 'TeamAdmin');
        foreach ($models as $model) {
            $this->userModel = $model; // switch model
            $result = parent::identify($user, $conditions); // let cake do it's thing
            if ($result) {
                return $result; // login success
            }
        }
        return null; // login failure
    }
}

You will have to replace occurrences of Auth in your application with AppAuth to use your extended AuthComponent, unless you use this trick.

like image 82
deizel Avatar answered Oct 05 '22 03:10

deizel


While annoying, I think the best solution is probably using Cake's built in ACL support (see http://book.cakephp.org/2.0/en/tutorials-and-examples/simple-acl-controlled-application/simple-acl-controlled-application.html).

If you do authentication the way you're talking about, you have to keep track of permissions in your controller code, checking to see what the userModel is. If you use an access control list, the permission tree will already exist in the database, which should simplify your code a great deal, and make it more modular.

It also means restructuring your data model to have a single users table and groups table instead of entity classes for each type of user.

I just went through the process of doing this myself... :(

like image 23
mikermcneil Avatar answered Oct 05 '22 03:10

mikermcneil