I want to prevent banned users from logging in to the site and give them a message that they are banned. I tried to use isAuthorized() for this but it allows the user to login and only after that denies him permission to the unauthorized actions.

So, basically I want to know where to put the condition that would check whether the user table has banned = true, before the login process takes place. Right now my login function is empty, as it is being automatically controlled by the Auth Component.

+2  A: 

Hello aadravid,

If you have the whole Auth system already up and running, why don't you just follow the KISS principle and revoke their password or alter their username? If they are no longer able to authenticate with your system as they could earlier, they should be able to deduce that they are banned.

If that doesn't suffice, then additionally you could add the code below.

function login() {
    // Flash a notice if a user record is already in the session
    if ($this->Session->read('Auth.User')) {
        $this->Session->setFlash('You are already logged in!');
    }
    // This flash replaces the one above, and the redirect runs for every request
    $this->Session->setFlash('You have been banned!');
    $this->redirect(array('controller' => 'users', 'action' => 'index'));
}

Edit 1: For a more dynamic approach, like you pointed out in your comment, you could check the is_banned column of the user record under concern in your UsersController::beforeFilter() and set your flash message accordingly. Also make a redirect based on the outcome of $this->Session->read('Auth.User.is_banned'). Maybe you want to have a look at the output of $this->Session->read('Auth.User') before attacking your problem.

Edit 2: My fault. You could store the is_banned somewhere in the Session via $this->Session->write(...). After you read an is_banned = true you can log the user out.

Kind regards, Benjamin.

benjamin
Well... that would be complicated, as I want the admin to be able to ban and also unban a user whenever the need arises. Changing the username or password would require me to keep a record of the same if I want to change it back to the original.
aadravid
@edit: I am not sure how that would work... it's not even checking whether the user has the banned field set to true.
aadravid
I am confused by your last comment. I just committed, and your comment on my edit is already in place??
benjamin
:D The comment on the edit was actually for the login function code that you added later on. Anyway, I will try using the beforeFilter(), but really, isn't there something that I can do in the login function itself? Anyway, thanks for the help so far.
aadravid
aadravid, to be straight out honest, you should have a look at Nik's solution before turning to mine. Chances are that it serves you better. Kind regards
benjamin
+2  A: 

You have to use:

/** Function is executed after the login (Auth authorize = 'controller') */
function isAuthorized() {
    return true;
}

where you can check whether the user is banned or not, i.e.:

/** Function is executed after the login (Auth authorize = 'controller') */
function isAuthorized() {
    // Column 'banned' should be in the users table; Auth->user() reads it from the session
    if ($this->Auth->user('banned') == 1) {
        $this->Session->setFlash('You have been banned!');
        return false;   // deny every action for a banned user
    }
    return true;
}

I believe this is the correct way.

Nik
Well, this is how I am doing it currently, but this lets the user log in and then tells him that he is banned. I just wanted to know if it can be done before logging him in.
aadravid
Well, how could you determine that the user is banned if he is not identified :) Basically in that function you have to redirect the user to the logout action (if he is banned), so he will be logged out immediately after the banned field is checked.
Nik
As your code snippet is sound: +1. Kind regards
benjamin
+1  A: 

Hello Aadravid,

Having read your last comment on Nik's way, I think that you could just refine your original solution by logging the user out manually via $this->Auth->logout() at the appropriate place in your code (followed by a redirect). This way it should look like he/she never logged in.

Kind regards, Benjamin.

benjamin
You are right... I was thinking along the same lines, and I guess that's the easiest solution for this. Thanks, all of you.
aadravid
+2  A: 

Finally, I found a solution by going through the API. I wonder if anyone has ever used this, because nobody pointed me to it, or maybe I wasn't clear enough. Anyway, to add a condition to the login process you just have to put it in the variable $this->Auth->userScope.

So, to check if a user is banned I just added this line to the beforeFilter() in my AppController,

$this->Auth->userScope = array('User.banned'=>0);

Hope this helps someone.

aadravid
This is more commonly written as `$this->Auth->userScope = array('User.active' => 1);`
cdburgess
Yeah, one and the same thing... but at least I know now where to put these conditions :)
aadravid
How would you distinguish between "Incorrect Credentials" and "User is banned" if you use this way?
Moe Sweet
What credentials are you talking about?
aadravid
How do you differentiate between the username and password being right but the person's account not being activated through e-mail yet? How, on login, can you tell him that the account is not yet activated, so we are not letting him in? And the other possibility: the account is active and the user entered the wrong password or username; tell him it's wrong, so we are not letting him in. How do you set $this->Auth->loginError differently for these two possibilities?
Harsha M V
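As an added example (not code from this thread or from CakePHP itself), here is one way to combine the userScope answer above with the follow-up question about distinguishing "banned" and "not activated" from "wrong credentials". It assumes CakePHP 1.3, a users table with `banned` and `active` columns (both names are assumptions taken from the answer and its comments), and the 1.3 Auth behaviour that `Controller::beforeFilter()` runs before `AuthComponent::startup()`, so the posted password is still in clear text there. The security point it adds: the specific message is only shown when the submitted password actually matches, otherwise the login form would confirm which usernames exist (banned accounts included).

```php
<?php
// Added example, not from the thread. CakePHP 1.3 controller that keeps banned
// and not-yet-activated accounts out of the login flow via Auth->userScope and
// only explains *why* when the submitted password is correct.
// Column names 'banned' and 'active' are assumptions.
class UsersController extends AppController {
    var $name = 'Users';
    var $components = array('Auth', 'Session');

    function beforeFilter() {
        parent::beforeFilter();

        // Auth adds these conditions to its identify() lookup, so a banned or
        // inactive account fails to log in exactly like a wrong password would.
        $this->Auth->userScope = array('User.banned' => 0, 'User.active' => 1);
        $this->Auth->loginError = 'Invalid username or password.';

        // beforeFilter() runs before Auth::startup() processes the POST, so we
        // can still inspect the clear-text submission and pick the message Auth
        // will flash if identify() fails.
        if ($this->action === 'login' && !empty($this->data['User']['username'])) {
            $this->Auth->loginError = $this->loginErrorFor($this->data['User']);
        }
    }

    /**
     * Returns the login error to use for this submission. Reveals the account
     * state (banned / not activated) only if the password matches, so the form
     * cannot be used to enumerate usernames.
     */
    function loginErrorFor($posted) {
        $generic = 'Invalid username or password.';
        if (empty($posted['password'])) {
            return $generic;
        }
        $user = $this->User->find('first', array(
            'conditions' => array('User.username' => $posted['username']),
            'recursive' => -1,
        ));
        if (empty($user)) {
            return $generic;                 // unknown user: say nothing specific
        }
        // Hash with the same routine Auth uses for identify(), then compare.
        $hash = $this->Auth->password($posted['password']);
        if ($hash !== $user['User']['password']) {
            return $generic;                 // wrong password: reveal nothing
        }
        if ($user['User']['banned']) {
            return 'Your account has been banned.';
        }
        if (!$user['User']['active']) {
            return 'Your account is not activated yet. Please check your e-mail.';
        }
        return $generic;                     // in scope: Auth will log them in
    }

    function login() {
        // Intentionally empty: Auth handles the POST using userScope/loginError.
    }

    function logout() {
        $this->redirect($this->Auth->logout());
    }
}
```

Auth flashes `loginError` under the `auth` key, so the login view needs `$session->flash('auth')` to display it. The lookup in `loginErrorFor()` happens on every failed POST, so the usual login rate limiting still applies; the string comparison of hashes is not constant-time, which is acceptable here only because the generic message is returned on mismatch either way.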