So it’s meant to be used like putting the ‘allow’ for example in the ‘AppController’, and putting the ‘add’ in for example a ‘Table1Controller’?
But what puzzles me the most, where do you collect this knowlegde? Where can I find this info, am I missing a part of the docs, am I searching in the wrong way? I’m glad you give an awnser, but this sort of basic knowledge I want to be able to retrieve by myself.
This ‘part’ of the authentication, the controllers that are related to the tables, is working as expected, no problem here.
I don’t know how/can’t find a way to let the PagesController show pages unauthenticated. For example, I have to log-in to get access to the ‘home.php’ on ‘localhost:8765’. I want to show this page without having to log-in.
The ‘allowUnauthenticated’ given in the examples are related to the functions in a controller. There has to be a way to state pages instead of functions. Whether it’s another call (‘allowUnauthenticatedPages’ or something like that) or another variable (like ‘allowUnauthenticated([page.home]’).
I can find code to get his done, but it’s cake 3x code, using the deprecated AuthComponent. I assume there is a substitute statement. But what? Where to find?
I don’t know how other folks get up to speed, but I spend quite a bit of time tracking back to the core code (a process my IDE makes very easy). The doc blocks in the code often gives me insight on how to proceed. The API documentation provides the same thing but I find it hard to navigate. When I’m coding, I typically have all the method-hinting of the objects of interest and can quickly find and see exactly the docblocks and code of interest. In the case of the new Authentication, I’m not even sure where the API docs are.
It’s not unusual for me to drop debug-and-die commands in the core code to work my way to a solution.
Seems the logical solution after all. The ‘allowUnauthenticated’ uses a list of actions, so ‘just’ pick the wanted function defined within a controller.
In some use case it will be necessary to be able to see some pages with and some pages without authentication. Now all pages won’t need authentication. But that’s something to explore when needed.
I tagged this post ‘Site Feedback’, my aim was to find out how to get the basics of authentication working with ‘just’ the presented docs. Looking into the code, inserting debug-command commands etc. , that’s a bridge too far for me right now. I’m not mastering the basics of CakePHP, I first want to get the ‘feel’ of how things work (like for example the ‘allowUnauthenticated’).
So finally I got the basics working. After all, the needed info is somewhere in the docs (except API-docs, no v4 available?), but it takes time and help of the forum-members to get things up-and-running. I wonder if this is just me, or if this is a more general CakePHP-issue.
I’ve always assumed it was my learning style. I do best with a global perspective first. Then I have a scene to fit all the details into. But the cake docs are presented in (what I think of as) a more traditional rule-list form.
Rule-lists are the least effective way for me to learn anything. This is the reason I drew the UMLs. But I haven’t decided how much detail they should have to be a useful and maintainable part of the documentation. Less detail than I have included so for I’m sure.
Make it possible to access pages without having to log in (for example home.php on localhost:8765).
Edit ‘./src/Controller/PagesController.php’. Add function ‘beforeFilter’. The action to allowUnauthenticated is ‘display’.
Make it possible to ‘index’ and ‘view’ of TableX without having to log in.
Edit ‘./src/Controller/TableXController.php’. Add function ‘beforeFilter’.
Add a Users-table (email, password) to the database .
Create the login-page.
Add the code below the sentence ‘Add the template logic for your login action’ on the CMS Tutorial - Authentication page to a new file ‘./templates/Users/login.php’.
When asking end-users to review a prototype with authentication configured this way, there is no need to give any extra written or spoken explanation how to use the prototype regarding the authentication. They are prompted to login when needed, everybody is entitled to add a user.
Except for at least one thing, how to logout (another will be the forgotton password). I added a logout-button which is only visible when logged in. Don’t know if it’s the proper way, it works:
Added to the app_controller:
public function beforeFilter(\Cake\Event\EventInterface $event)
{
parent::beforeFilter($event);