What's wrong with my code ? Please help me?

can i create multiple login methods using same authentication ?

Users/login — web login
Users/loginAsUser – from api

how can create this things in CakePHP

what’s wrong code because i got every time new password ?

 $this->request->allowMethod(['get', 'post']);
        // $result = $this->Authentication->getResult();
        $result = $this->request->getData();
        $password = $this->request->getData('password');
        $hasher = new DefaultPasswordHasher();
        $pass = $hasher->hash($password);
        pr($pass); die();
        $email = $result->getData('email');
        $password = $result->getData('password');

        $res = $this->Users->find('all')->where(['email'=>$email->email,'password'=>$password->password])->first();
         return $this->response
            'response' => $r,

I got solution above problem.

 $this->autoRender= false;
        $result = array();
        $this->request->allowMethod(['get', 'post']);
        $email = $this->request->getData('email');
        $db = $this->Users->find('all')->where(['email'=>$email])->first();
        $password = $this->request->getData('password');
        if ((new DefaultPasswordHasher)->check($password, $db->password)) {
            } else {
         return $this->response
            'response' => $result,

the best way of using multiple login authentication is that you must code into application.php file. If you are using authentication plugin then you have more control about login system for web application and Api based application. Authentication plugin provide some methods and these method s match request URL and return response according to your Request URL… Web or Api, this is the best way for multiple login authentication even you can provide role base access there. :slight_smile:

can explain in details.

you must read the docs of cakephp you’ll get all there… read again and again my friends

1 Like

If you mean something like 2FA I can recommend you look at CakeDC/Auth

It uses a custom AuthenticationService class to overwrite the authenticate() method which is called by the AuthenticationMiddleware

But from what I can understand is that you probably mean a custom Authenticator and/or Identifier.
I would recommend you watch my Cakfest Workshop from last year going through the concept of these 2 components.

Because in the end all requests get processed by the AuthenticationMiddleware and therefore through the whole Authenticator => Identifier procedure.