rubyan/cake3-cookieauth

A simple Cake3 plugin to authenticate users with Cookies.

Maintainers

Details

github.com/Rubyan/Cake3-CookieAuth

Homepage

Source

Issues

Installs: 9 969

Dependents: 0

Suggesters: 0

Security: 0

Stars: 1

Watchers: 1

Forks: 0

Open Issues: 0

Type:cakephp-plugin

3.7.1 2018-12-20 21:17 UTC

Requires

Requires (Dev)

MIT 5630e7e125d2a077fea8f3f1804ac63e6cfbee98

  • Xety <zoro.fmt.woop@gmail.com>
  • Rubyan <jvdkuijl.woop@gmail.com>

plugincakephploginauthcookieauthenticatecake3

This package is auto-updated.

Last update: 2024-04-21 19:57:37 UTC

README

A simple Cake3 plugin to authenticate users with Cookies. This plugin is based on the awesome plugin Xety/Cake3-Cookieauth but with an option to allow empty passwords. It has also been fixed for CakePHP 3.7

Requirements

  • CakePHP 3.X

Installation

Run : composer require rubyan/cake3-cookieauth:1.* Or add it in your composer.json:

"require": {
	"rubyan/cake3-cookieauth": "1.*"
},

Usage

In your config/bootstrap.php add :

Plugin::load('Xety/Cake3CookieAuth');

In your AppController :

public $components = [
	'Cookie',
	'Auth' => [
		'authenticate' => [
			'Form',
			'Xety/Cake3CookieAuth.Cookie'
		]
	]
			
];

In your AppController, in the beforeFilter action :

public function beforeFilter(Event $event) {
	//Automaticaly Login.
	if (!$this->Auth->user() && $this->Cookie->read('CookieAuth')) {

		$user = $this->Auth->identify();
		if ($user) {
			$this->Auth->setUser($user);
		} else {
			$this->Cookie->delete('CookieAuth');
		}
	}
}

//If you want to update some fields, like the last_login_date, or last_login_ip, just do :
public function beforeFilter(Event $event) {
	//Automaticaly Login.
	if (!$this->Auth->user() && $this->Cookie->read('CookieAuth')) {
		$this->loadModel('Users');

		$user = $this->Auth->identify();
		if ($user) {
			$this->Auth->setUser($user);

			$user = $this->Users->newEntity($user);
			$user->isNew(false);
			
			//Last login date
			$user->last_login = new Time();
			//Last login IP
			$user->last_login_ip = $this->request->clientIp();
			//etc...

			$this->Users->save($user);
		} else {
			$this->Cookie->delete('CookieAuth');
		}
	}
}

In your login action, after $this->Auth->setUser($user); :

//It will write Cookie without RememberMe checkbox
$this->Cookie->configKey('CookieAuth', [
	'expires' => '+1 year',
	'httpOnly' => true
]);
$this->Cookie->write('CookieAuth', [
	'username' => $this->request->data('username'),
	'password' => $this->request->data('password')
]);


//If you want use a RememberMe checkbox in your form :
//In your view
echo $this->Form->checkbox('remember_me');

//In the login action :
if($this->request->data('remember_me')) {
	$this->Cookie->configKey('CookieAuth', [
		'expires' => '+1 year',
		'httpOnly' => true
	]);
	$this->Cookie->write('CookieAuth', [
		'username' => $this->request->data('username'),
		'password' => $this->request->data('password')
	]);
}

If you use LDAP for authentication you don't want to store the password obviously. You can set the password to null when writing the cookie.

	$this->Cookie->write('CookieAuth', [
		'username' => $this->request->data('username'),
		'password' => null
	]);

Contribute

Follow this guide to contribute