phpauthenticationcakephpcakedc

Cakedc.users => always redirect to homepage


I'm using the plugins "CakeDC/Users" on a brain new Cakephp installation. I've got two controllers : PagesController.php, CardsController.php. Pages has 1 action (Beta, it's the homepage), and Cards two actions (index, and single).

Here is the setup in the bootstrap :

Configure::write('Users.config', ['users']);
Plugin::load('CakeDC/Users', ['routes' => true, 'bootstrap' => true]);

And the configuration of the plugin in config/users.php :

return [
'Users' => [
    'Email' => [
        'validate' => false
    ]
],
'Auth' => [
    'loginAction' => [
        'plugin' => null,
        'controller' => 'Members',
        'action' => 'login',
        'prefix' => null
    ],
    'logoutAction' => [
        'plugin' => null,
        'controller' => 'Members',
        'action' => 'logout',
        'prefix' => null
    ],
    'authenticate' => [
        'all' => [
            'finder' => 'auth',
        ],
        'CakeDC/Users.ApiKey',
        'CakeDC/Users.RememberMe',
        'Form',
    ],
    'authorize' => [
        //'CakeDC/Users.Superuser',
        //'CakeDC/Users.SimpleRbac',
    ],
],

];

I've only have one route configured :

$routes->connect('/', ['controller' => 'Pages', 'action' => 'Beta', 'home']);

And here is my AppController.php :

    public function initialize()
    {
        parent::initialize();
        $this->loadComponent('Flash');
        $this->loadComponent('CakeDC/Users.UsersAuth');
    }

The homepage is Allowed :

$this->Auth->allow('beta');

When not logged in, I can only access /pages/beta, which is ok. I can register, login, and logout with the plugin, no problem on this side.

Once I'm logged, I can't access any other pages than the homepage. If I got to /cards/index, or /cards/single, I'm always redirect to the homepage. If I disabled the plugin, pages access is ok.

I'm stuck on this since a while now, any help ? Thanks, Best Regards


Solution

  • Nevermind, I've replaced :

    'authorize' => [
           //'CakeDC/Users.Superuser',
           //'CakeDC/Users.SimpleRbac',
    ],
    

    By :

    'authorize' => false,
    

    The plugin used authorize with a component by default, so if you're not going to use it, you have the set "false" to be sure you don't have issues. Or you have to setup the authorized controllers and actions by setting up the good setup.

    Thanks,