I want to setup CakeDC/Users plugin to allow FormAuthentication plus also Token Authentication for API enfpoints. FormLogin etc. is working but I cannot get the Token Authentication working. From what I was able to debug, it seems that the TokenAuthenticator is loaded and gets called but not the TokenIdentifier (only PasswordIdentifier).
I have tried several setups in config/users.php this is my latest try:
return [
'Users.Social.login' => false,
'Users.Registration.active' => false,
'Auth.Authenticators.Token' => [
'className' => 'Authentication.Token',
'skipTwoFactorVerify' => true,
'header' => 'Authorization',
'queryParam' => 'token',
'tokenPrefix' => 'Token',
'unauthenticatedRedirect' => null,
'identifier' => [
'className' => 'Authentication.Token',
'tokenField' => 'api_token',
'resolver' => [
'className' => 'Authentication.Orm',
'finder' => 'active'
],
]
// 'className' => '\Authentication\Authenticator\TokenAuthenticator',
],
];
I also tried a seperate Auth.Identifiers key but this seems to be deprecated. It didn’t work as well.
Just for my understanding; Would I need to setup anything at all? The documentation reads like TokenAuthentication and TokenIdentifier would be loaded “out of the box” by the CakeDC/Users plugin? If yes, how exactly would the configuration look like? Do I have to do something else besides setup in config/users.php? I think I am missing something here. Seems like this is a rather standard default setup that should work ootb. What am I missing? Could osmeone give me a working example config?
CakePHP: 5.2
CakeDC/Users: 15.1.3