/Authenticate

CakePHP plugin with authentication classes for AuthComponent

Primary LanguagePHPMIT LicenseMIT

Authenticate plugin

Build Status Coverage Status

Plugin containing some authenticate classes for AuthComponent.

Current classes:

  • MultiColumnAuthenticate, allow login with multiple db columns in single username field For example username or email
  • CookieAuthenticate, login with a cookie
  • TokenAuthenticate, login with a token as url parameter or header

GoogleAuthenticate is moved to separate repo: https://github.com/ceeram/GoogleAuthenticate

Requirements

  • PHP 5.3
  • CakePHP 2.x

Installation

[Composer]

run: composer require friendsofcake/authenticate or add friendsofcake/authenticate to require in your applications composer.json

[Manual]

[GIT Submodule]

In your app directory type:

git submodule add git://github.com/FriendsOfCake/Authenticate.git Plugin/Authenticate
git submodule init
git submodule update

[GIT Clone]

In your plugin directory type git clone git://github.com/FriendsOfCake/Authenticate.git Authenticate

Usage

In app/Config/bootstrap.php add: CakePlugin::load('Authenticate');

Configuration:

Setup the authentication class settings

MultiColumnAuthenticate:

    //in $components
    public $components = array(
        'Auth' => array(
            'authenticate' => array(
                'Authenticate.MultiColumn' => array(
                    'fields' => array(
                        'username' => 'login',
                        'password' => 'password'
                    ),
                    'columns' => array('username', 'email'),
                    'userModel' => 'User',
                    'scope' => array('User.active' => 1)
                )
            )
        )
    );
    //Or in beforeFilter()
    $this->Auth->authenticate = array(
        'Authenticate.MultiColumn' => array(
            'fields' => array(
                'username' => 'login',
                'password' => 'password'
            ),
            'columns' => array('username', 'email'),
            'userModel' => 'User',
            'scope' => array('User.active' => 1)
        )
    );

CookieAuthenticate:

    //in $components
    public $components = array(
        'Auth' => array(
            'authenticate' => array(
                'Authenticate.Cookie' => array(
                    'fields' => array(
                        'username' => 'login',
                        'password' => 'password'
                    ),
                    'userModel' => 'SomePlugin.User',
                    'scope' => array('User.active' => 1)
                )
            )
        )
    );
    //Or in beforeFilter()
    $this->Auth->authenticate = array(
        'Authenticate.Cookie' => array(
            'fields' => array(
                'username' => 'login',
                'password' => 'password'
            ),
            'userModel' => 'SomePlugin.User',
            'scope' => array('User.active' => 1)
        )
    );

Setup both:

It will first try to read the cookie, if that fails will try with form data:

    //in $components
    public $components = array(
        'Auth' => array(
            'authenticate' => array(
                'Authenticate.Cookie' => array(
                    'fields' => array(
                        'username' => 'login',
                        'password' => 'password'
                    ),
                    'userModel' => 'SomePlugin.User',
                    'scope' => array('User.active' => 1)
                ),
                'Authenticate.MultiColumn' => array(
                    'fields' => array(
                        'username' => 'login',
                        'password' => 'password'
                    ),
                    'columns' => array('username', 'email'),
                    'userModel' => 'User',
                    'scope' => array('User.active' => 1)
                )
            )
        )
    );

Security

For enhanced security, make sure you add this code to your AppController::beforeFilter() if you intend to use Cookie authentication:

public function beforeFilter() {
  $this->Cookie->type('rijndael'); //Enable AES symetric encryption of cookie
}

Setting the cookie

Example for setting the cookie:

<?php
App::uses('AppController', 'Controller');
/**
 * Users Controller
 *
 * @property User $User
 */
class UsersController extends AppController {

	public $components = array('Cookie');

	public function beforeFilter() {
		$this->Cookie->type('rijndael');
	}

	public function login() {
		if ($this->Auth->loggedIn() || $this->Auth->login()) {
			$this->_setCookie();
			$this->redirect($this->Auth->redirect());
		}
	}

	protected function _setCookie() {
		if (!$this->request->data('User.remember_me')) {
			return false;
		}
		$data = array(
			'username' => $this->request->data('User.username'),
			'password' => $this->request->data('User.password')
		);
		$this->Cookie->write('User', $data, true, '+1 week');
		return true;
	}

	public function logout() {
		$this->Auth->logout();
		$this->Session->setFlash('Logged out');
		$this->redirect($this->Auth->redirect('/'));
	}
}

TokenAuthenticate

    //in $components
    public $components = array(
        'Auth' => array(
            'authenticate' => array(
                'Authenticate.Token' => array(
                    'parameter' => '_token',
                    'header' => 'X-MyApiTokenHeader',
                    'userModel' => 'User',
                    'scope' => array('User.active' => 1),
                    'fields' => array(
                        'username' => 'username',
                        'password' => 'password',
                        'token' => 'public_key',
                    ),
                    'continue' => true
                )
            )
        )
    );
    //Or in beforeFilter()
    $this->Auth->authenticate = array(
        'Authenticate.Token' => array(
            'parameter' => '_token',
            'header' => 'X-MyApiTokenHeader',
            'userModel' => 'User',
            'scope' => array('User.active' => 1),
            'fields' => array(
                'username' => 'username',
                'password' => 'password',
                'token' => 'public_key',
            ),
            'continue' => true
        )
    );