In my project I need to have two separate tables for “company_users” and “public_users”. The Authentication on one would be with usernames and the other one with email addresses. They also contain their own set of roles and Authorization requirements.
In older versions of CakePHP this was possible using the Auth Component but I can’t find a decent way to do this using the current Authentication Plugin in CakePHP 5.
I was wondering if there is a clean way to implement the Authentication and Authorization for these two tables?
Do you expect one login page which checks both tables and logs the user in as whichever one it finds a match in? Or are there separate login pages for each group?
I think that when you add your auth middleware, you’ll need to check the request details (URL) to figure out which one applies, and configure the middleware appropriately.
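One way to do what the reply above describes, as an added example that is not code from any poster in this thread or from the plugin's authors. The class name, the `/company` URL prefix, the login URLs, the session keys and the table aliases `CompanyUsers` / `PublicUsers` are assumptions; an instance of the class is passed to `AuthenticationMiddleware` in place of the application.

```php
<?php
declare(strict_types=1);

namespace App\Auth;

use Authentication\AuthenticationService;
use Authentication\AuthenticationServiceInterface;
use Authentication\AuthenticationServiceProviderInterface;
use Psr\Http\Message\ServerRequestInterface;

// Hypothetical provider: builds a different authentication service per URL scope.
class ScopedAuthProvider implements AuthenticationServiceProviderInterface
{
    public function getAuthenticationService(ServerRequestInterface $request): AuthenticationServiceInterface
    {
        $path = $request->getUri()->getPath();
        // Assumed routing: company pages live under /company, everything else is public.
        // Match the exact segment so a path such as /company-news is not treated as company scope.
        $isCompany = $path === '/company' || str_starts_with($path, '/company/');

        $scope = $isCompany
            ? ['model' => 'CompanyUsers', 'login' => '/company/login', 'field' => 'username', 'key' => 'CompanyAuth']
            : ['model' => 'PublicUsers', 'login' => '/login', 'field' => 'email', 'key' => 'PublicAuth'];

        // Maps the plugin's credential keys to the column/form field used in this scope.
        $fields = ['username' => $scope['field'], 'password' => 'password'];

        $service = new AuthenticationService([
            'unauthenticatedRedirect' => $scope['login'],
            'queryParam' => 'redirect',
        ]);
        // Separate session keys keep an identity loaded from one table
        // from being accepted as a logged-in user in the other scope.
        $service->loadAuthenticator('Authentication.Session', ['sessionKey' => $scope['key']]);
        $service->loadAuthenticator('Authentication.Form', [
            'fields' => $fields,
            'loginUrl' => $scope['login'],
        ]);
        // The ORM resolver looks the user up in the table chosen for this scope.
        $service->loadIdentifier('Authentication.Password', [
            'fields' => $fields,
            'resolver' => ['className' => 'Authentication.Orm', 'userModel' => $scope['model']],
        ]);

        return $service;
    }
}
```

Authorization policies still need to distinguish the two entity classes, since this only decides which table an identity is loaded from.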
Yes, that should be doable. However, I thought there would already be a mechanism available to handle a situation like this, both in Authentication and Authorization Plugins. I might take a look later to see if I can make the changes needed in those plugins for better integration.
Since I needed to take my project further and these Plugins are handling sensitive tasks, for now I have made my project into two different CakePHP apps on the same Database with their own different Authentication and Authorization.
To approach your problem of having two separate tables for “company_users” and “public_users” with distinct authentication methods and roles, I would suggest reconsidering your approach. Instead of separating users into different tables, you can manage user roles within a single users table. Here’s how you can achieve this:
Recommended Approach
Add a “role” field to your users table:
This field will differentiate between company users and public users.
Roles can be “company_user” and “public_user”.
Authentication:
Authenticate users using either email or username. You can configure this in the Authentication plugin to allow both fields for login.
Authorization:
Use policy classes to handle authorization based on the role assigned to the user.
Additional Filtering in AppController:
Use beforeFilter and beforeRender methods in your AppController to apply additional filtering, such as different templates or themes for different user roles.