[solved ] Customize default Auth: how to Authenticate user with three fields username password and companyid

I am trying to login user to his specific company. In my business domain, every user belongs to a company.

what I am trying to accomplish ?:
get username password and company from login form and if the username and password matches and user belong to the provided company, log him/her in.

I have tried this two things but not succeeded

  1. created custom auth object
    link to docs
    gist of my code
  2. change Authfinder. but I have not clue how to pass company_id in authfinder method.

thancks in advance

Hi @jaynarayan,

I doubt it should be $this->loadComponent('Auth,... instead of $this->loadComponent('TinyAuth.Auth,... in AppController.php

I m using TinyAuth plugin.
I found the solution using custom auth.
Here is the Working code

you could also change login function, this way you can give user info why he/she cannot be logged (banned, inactive), log activity to log file etc.

in UsersController
use Cake\Auth\DefaultPasswordHasher;


    public function login()
        if ($this->request->is('post')) {
            $userName = $this->request->getData('user_name');
            $companyId = $this->request->getData('company_id');
            $password = $this->request->getData('password');
            $user = $this->Users->findByUserNameAndCompanyId($userName, $companyId)->first();
            if ($user && (new DefaultPasswordHasher())->check($password, $user->password)) {
            } else {
                $this->Flash->error('password/user name/company combination not found');

findByUserNameAndCompanyId is https://book.cakephp.org/3.0/en/orm/retrieving-data-and-resultsets.html#dynamic-finders

Thanks . I will try this.