Deny access on all pages, but not login

Hi, I created some Admin Area as a separate project to my previous project.

Now in the Admin area, all methods in all controllers shouldn’t be accessible without login. Only the login method should be without an Authorization check.

Do I have to check in each method? Or is there some general way?

This is usually the default once you added the auth middleware topics etc.
You usually manually whitelist the one method that is “public”.

OK I will check. I implemented 2 components Authorization and Authentication.

And I thought,

  • Authentication is for general check if someone is logged in
  • Authorization is for checking if the current user is allowed to see the page.

But for now, I got an error that I have no authorization on the page when I try to call it directly.

What I expect is an Error: You are not logged in.

That’s why my question of a general check for login on some higher level

After the Authentication Plugin has been set up (Middleware added and Component loaded) it will by default require all actions to be logged in as that is the best practice.

What you need to do is add your “not logged in actions” to be called without a user.

Look at CMS Tutorial - Authentication | CakePHP and search for addUnauthenticatedActions

You can also check out my auth workshop from 3 years ago (but still valid!)
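The setup described in this reply, as an added example that is not part of the original posts: every action requires a login by default, and only `login` is whitelisted. It assumes CakePHP 4 or later with the cakephp/authentication and cakephp/authorization plugins installed and their middleware already added in the application; the `UsersController` name is an assumption, and the two classes are shown in one block although each lives in its own file in a project.

```php
<?php
declare(strict_types=1);

namespace App\Controller;

use Cake\Controller\Controller;
use Cake\Event\EventInterface;

// Base controller: loading the component here makes every action in every
// controller that extends it require a logged-in identity by default.
class AppController extends Controller
{
    public function initialize(): void
    {
        parent::initialize();
        $this->loadComponent('Flash');
        $this->loadComponent('Authentication.Authentication');
        $this->loadComponent('Authorization.Authorization');
    }
}

// Assumed controller holding the login action.
class UsersController extends AppController
{
    public function beforeFilter(EventInterface $event)
    {
        parent::beforeFilter($event);
        // The only action reachable without a logged-in user.
        $this->Authentication->addUnauthenticatedActions(['login']);
    }

    public function login()
    {
        // No identity exists yet, so there is nothing to authorize against.
        $this->Authorization->skipAuthorization();
        $this->request->allowMethod(['get', 'post']);

        $result = $this->Authentication->getResult();
        if ($result && $result->isValid()) {
            // getLoginRedirect() returns the validated redirect target, or null.
            return $this->redirect($this->Authentication->getLoginRedirect() ?? '/');
        }
        if ($this->request->is('post')) {
            $this->Flash->error(__('Invalid username or password'));
        }
    }
}
```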

Hah….

All I have to say is, thanks for your effort creating this video. It helped me a lot.

cheers Frank