About the Auth Component Session is not created

ricardomx · May 10, 2016, 10:21pm

Hi.
I am creating a new project from cero, and the auth component is not working properly, i did every thing as in the tutorial but once the user is logged in , he is being redirected once again to the login form.

I am using version 3.0,
Apache/2.4.16 (Win32) OpenSSL/1.0.1p PHP/5.5.29
PHP Version 5.5.29

The session its is created in the folder cakephp/tmp/sessions.
the file is in… but the user is being redirected to the login page.

This is my configuration.

In AppController i got this.

public function initialize()
{
parent::initialize();

    $this->loadComponent('RequestHandler');
    $this->loadComponent('Flash');


    $this->loadComponent('Auth', [            
        //'authorize' => ['Controller'],
        'unauthorizedRedirect' => false,
        'loginRedirect' => [
            'controller' => 'Notas', // @todo Mi Controller segun PROYECTO a modo de demo
            'action' => 'menu'
        ],
        'logoutRedirect' => [
            'controller' => 'Estados', // @todo Mi Controller segun PROYECTO
            'action' => 'index'
        ],
        'loginAction' => [
            'controller' => 'Users', // @todo Mi Controller segun PROYECTO
            'action' => 'login'
        ],
        'authenticate' => [
            'Form' => [
                //'passwordHasher' => 'Blowfish',
                'userModel' => 'Users',                                         // @todo Mi TABLA segun DB
                'fields' => ['username' => 'username', 'password' => 'password'],     // @todo mis campos personalizados segun DB
                //'scope' => ['Users.activo' => 'S']                            // @todo Filtro para bloquiar ingresos de usuarios 
            ]
        ],
        'authError' => '¿De verdad crees que se le permita ver eso?',
        'storage' => 'Session'
    ]);

    //$this->Auth->config('checkAuthIn', 'Controller.initialize');
}

— in the NotasController i Got this

public function initialize()
{
    parent::initialize();
    //$this->loadComponent('Auth');
    //$this->loadComponent('Paginator');
    $this->loadComponent('Auth');
    $this->viewBuilder()->layout('admin_template'); 
}



public function beforeFilter(Event $event)
{
    parent::beforeFilter($event);
          
    $u = $this->Auth->user();
   
    if( $this->isAuthorized(  $u  )  )
    {
        $this->Auth->allow();            
        $this->set('auth_user', $u );            
        return;
    }

    //$this->Flash->error("No autorizado");
    //$this->redirect( ['action'=>'login', 'controller'=>'users'] );
}

public function isAuthorized( $user = null )
{

  if( empty($user)  ){
      //echo "User is empty";
      //die();
      return false;
  }

 
  $role = '';      
  if (  isset($user['role'])  ) 
  {
        $role = $user['role'];          
  }

  if( empty($role) === true )
      $role = $this->Auth->User('role');

  $role = strtoupper($role);
  if( $role == 'ADMIN' )
  {          
      return true;         
  }

  $this->Flash->error("No Authorized"); 
 
  
  return parent::isAuthorized($user);

}

rrd · May 12, 2016, 5:56pm

I had a similar problem. The problem arose because the expiration time of the session was always behind. If it is true for you check apache, php and system time.

ricardomx · May 19, 2016, 9:50pm

I checked that already, but the system time no… where do i check that ?
My code is still not working…

karmicdice · May 20, 2016, 6:54am

Did you perform composer update ?

I faced a similar issue : Session wiped off upon redirect via Apache · Issue #7621 · cakephp/cakephp · GitHub but unable to reproduce it.
Perform a fresh composer install and move files, it worked out great later.

ricardomx · May 29, 2016, 2:03am

I did that and no result…

My problem comes exactly after the login, when i get to another controller, i can not get the autentified user from here…

In controller after the login…

public function beforeFilter(Event $event)
{
parent::beforeFilter($event);

$user = $this->Auth->user();

if( $this->isAuthorized(  $user  )  )
{
    $this->Auth->allow();            
    $this->set('auth_user', $user );            
    return;
}

}

$user is null…

Any idea ?

Thank you…

rrd · May 29, 2016, 12:58pm

Your code is a little bit confusing or at least not follows the style for Auth what I normally use. I would suggest you to reorganize your code.

isAuthorize() is called automatically before all controller’s method, so you do not have to call it manually.

You did not posted your UsersControler but I guess you missing to call identify() and setUser.

I would use my project as an example: https://github.com/rrd108/sanga/tree/master/src/Controller

AppController:

    public $components = [
        'Auth' => [
            'authenticate' => [
                'Form' => [
                    'fields' => [
                        'username' => 'email'
                        ]
                    ]
                ],
            'logoutRedirect' => '/'
        ]
    ];

    public function beforeFilter(Event $event)
    {
        $this->Auth->config('authorize', ['Controller']);
        $this->Auth->deny();
    }

UsersController:

    public function beforeFilter(Event $event)
    {
        parent::beforeFilter($event);
        $this->Auth->allow(['logout']);
    }

    public function isAuthorized($user = null)
    {
        return true;
    }

    public function login()
    {
        if ($this->request->is('post')) {
            $user = $this->Auth->identify();
            if ($user) {
                $this->Auth->setUser($user);
                return $this->redirect($this->Auth->redirectUrl());
            }
        }
    }

ricardomx · May 29, 2016, 7:15pm

Hi… I will post again my code.

I got this

In AppController:

class AppController extends Controller
{
public $components = [‘Flash’];

public function initialize()
{
     parent::initialize();
    $this->loadComponent('Flash');

    $this->loadComponent('Auth', [            
        'authorize' => ['Controller'],           
        'loginRedirect' => [
            'controller' => 'Notas', // @todo Mi Controller segun PROYECTO a modo de demo
            'action' => 'menu'
        ],            
        'logoutRedirect' => [
            'controller' => 'Estados', // @todo Mi Controller segun PROYECTO
            'action' => 'index'
        ],           
        'authenticate' => [
            'Form' => [
               'userModel' => 'Users', 
                'fields' => ['username' => 'username', 'password' => 'password']
            ]
        ]
        //'storage' => 'Session'
    ]);
}
   
public function beforeFilter(Event $event)
{
    parent::beforeFilter($event);    
    $this->Auth->allow(['index', 'view', 'display', 'nota' ]);
}

public function isAuthorized( $user = null )
{
// Admin can access every action
if( empty( $user ) )
return false;

  $role = '';      
  if (  isset($user['role'])   ) 
  {
        $role = trim($user['role']);
  }

  if( empty($role) )
      $role = $this->Auth->User('role');

  if( strtoupper($role) === 'ADMIN' )
  {
      return true;         
  }

// Default deny
return false;

}

UsersController:

class UsersController extends AppController
{

public $components = [‘Paginator’, ‘Flash’, ‘Auth’];

public $paginate = [

'Users'=>[
    'limit' => 25,
    'order' => [
        'Users.nombre' => 'asc'
    ]
   ]
];

public function initialize()
{
    parent::initialize();

    $this->viewBuilder()->layout('admin_template'); 
}

public function beforeFilter(Event $event)
{
parent::beforeFilter($event);

$this->Auth->allow(['logout']);

}

public function isAuthorized( $user = null ){

return true;

}

public function login()
{
if ($this->request->is(‘post’))
{
$user = $this->Auth->identify();
if ($user)
{
$this->Auth->setUser( $user );
$auth_user = $this->Auth->user();
// debug( $auth_user ); //works great… $auth_user has $user.

                return $this->redirect( $this->Auth->redirectUrl() );

            }

    $this->Flash->error('User or password incorrect.');
}

}

NotasController:

class NotasController extends AppController {

public $components = ['Paginator', 'Auth' ];

public $paginate = [    
'Notas'=>[
    'limit' => 25,
    'order' => [
        'Notas.fecha' => 'asc'
    ]
   ]
];

public function initialize()
{
    parent::initialize();

    $this->viewBuilder()->layout('admin_template'); 
}

public function beforeFilter(Event $event)
{
    parent::beforeFilter($event);

    //read the user logged in....
    $auth_user = $this->Auth->user(); // $auth_user is null :( 
  
    if( $this->isAuthorized(  $auth_user  )  )
    {
        $this->Auth->allow();            
        $this->set('auth_user', $auth_user );            
        return;
    }
   
}

public function beforeRender(Event $event)
{
parent::beforeRender($event);
}

public function isAuthorized( $user = null )
{
if( empty($user) ){
return false; //always returns false, $user arrives empty.
}

  $role = '';      
  if (  isset($user['role'])  ) 
  {
        $role = $user['role'];          
  }

  if( empty($role) )
      $role = $this->Auth->User('role');

  // Admin can access every action
  $role = strtoupper($role);
  if( $role === 'ADMIN' )
  {          
      return true;         
  }
    
  return parent::isAuthorized($user);

}

Topic		Replies	Views
Problem with Cakephp environment Auth / Session not working Need Help release	4	7592	July 27, 2018
Auth Component not working as expected Need Help	3	821	July 3, 2016
AuthComponent working fine in my controllers but not in my Components Need Help	1	589	March 22, 2017
Problem with sessions Support for loading components using $components property is removed. Use $this->loadComponent() instead in initialize() Need Help release	2	1715	September 16, 2020
Starting Auth component from other controller than AppController gives false result Need Help	1	495	August 1, 2017

About the Auth Component Session is not created

Releases

Documentation

Community

About the Auth Component Session is not created

Related topics

Releases

Documentation

Community