Flash error in Authentication Plugin

Need Help
1

Hello Everyone!!!, Is Somebody manage to add flash error message in authentication plugin when trying to access a action not include in addUnauthenticatedActions?

public function getAuthenticationService(ServerRequestInterface $request): AuthenticationServiceInterface
{
$authenticationService = new AuthenticationService([
‘unauthenticatedRedirect’ => Router::url([‘prefix’ => false, ‘controller’ => ‘Users’, ‘action’ => ‘login’]),
‘queryParam’ => ‘redirect’,
]);

    // Load identifiers, ensure we check email and password fields
    $authenticationService->loadIdentifier('Authentication.Password', [
        'fields' => [
            'username' => ['username', 'email'],
            'password' => 'password',
        ],
        'resolver' => [
            'className' => 'Authentication.Orm',
            'userModel' => 'Users',
            'finder' => 'auth',
        ],
    ]);

    // Load the authenticators, you want session first
    $authenticationService->loadAuthenticator('Authentication.Session');
    // Configure form data check to pick email and password
    $authenticationService->loadAuthenticator('Authentication.Form', [
        'fields' => [
            'username' => 'username',
            'password' => 'password',
        ],
        'loginUrl' => Router::url(['prefix' => false, 'controller' => 'Users', 'action' => 'login']),
    ]);

    $authenticationService->loadIdentifier('RememberMe.RememberMeToken', [
        'fields' => [
            'username' => 'email',
            'password' => 'password',
        ],
        'userTokenFieldName' => 'remember_me_token',
        'tokenStorageModel' => 'RememberMe.RememberMeTokens',
        'resolver' => [
            'className' => 'Authentication.Orm',
            'userModel' => 'Users',
        ],
    ]);
    $authenticationService->loadAuthenticator('RememberMe.Cookie', [
        'fields' => [
            'username' => 'email',
            'password' => 'password',
        ],
        'loginUrl' => Router::url(['prefix' => false, 'controller' => 'Users', 'action' => 'login']),
        'rememberMeField' => 'remember_me',
        'cookie' => [
            'name' => 'rememberMe',
            'expires' => '+30 days',
            'secure' => true,
            'httpOnly' => true,
        ],
        'tokenStorageModel' => 'RememberMe.RememberMeTokens',
        'always' => false,
        'dropExpiredToken' => true,
    ]);

    return $authenticationService;
}
2

Have you looked at Authorization Middleware - 1.1? You don’t generate flash messages from the authentication, but from some middleware handling an exception thrown by the authentication.

1 Like
3

I see that but I dont use it

->add(new AuthorizationMiddleware($this, [
            'requireAuthorizationCheck' => false,
        ]));

cause I thought it will not work because of this

4 
        ->add(new AuthorizationMiddleware($this, [

// ‘requireAuthorizationCheck’ => true,
‘unauthorizedHandler’ => [
‘className’ => ‘Authorization.CustomRedirect’,
‘exceptions’ => [
\Authorization\Exception\MissingIdentityException::class,
\Authorization\Exception\ForbiddenException::class,
],
],
]));

<?php declare( strict_types = 1 ); namespace App\Middleware\UnauthorizedHandler; use Authorization\Exception\Exception; use Authorization\Middleware\UnauthorizedHandler\RedirectHandler; use Psr\Http\Message\ResponseInterface; use Psr\Http\Message\ServerRequestInterface; use Cake\Http\Session; class CustomRedirectHandler extends RedirectHandler { public function handle(Exception $exception, ServerRequestInterface $request, array $options = []): ResponseInterface { // Get session from the request $session = $request->getAttribute('session'); if ($session instanceof Session) { // Write the flash message into the session $session->write('Flash.flash', [ [ 'message' => 'You are not authorized to access that location.', 'key' => 'flash', 'element' => 'flash/default', 'params' => [] ] ]); } // Call the parent handler to manage the redirect return parent::handle($exception, $request, $options); } } I try this solution the flash does not appear