Cakephp Auth with multiple "Users" tables
Solution 1
CakePHP's AuthComponent only supports authentication against a single "User" model at a time. The model is chosen by setting the Auth::userModel property, but it only accepts a string and not an array of models.
You can switch the userModel on the fly with the following code, but this requires you to know in advance which model to switch to (eg. your users have to choose their account type from a dropdown):
public function beforeFilter() {
if (isset($this->data['User']['model'])) {
$this->Auth->userModel = $this->data['User']['model'];
}
}
You can likely extend the core AuthComponent to add the functionality you want by overwriting the AuthComponent::identify() method so it loops over and attempts authentication with each model:
App::import('Component', 'AuthComponent');
class AppAuthComponent extends AuthComponent {
function identify($user = null, $conditions = null) {
$models = array('User', 'Admin', 'Artist', 'TeamAdmin');
foreach ($models as $model) {
$this->userModel = $model; // switch model
$result = parent::identify($user, $conditions); // let cake do it's thing
if ($result) {
return $result; // login success
}
}
return null; // login failure
}
}
You will have to replace occurrences of Auth in your application with AppAuth to use your extended AuthComponent, unless you use this trick.
Solution 2
While annoying, I think the best solution is probably using Cake's built in ACL support (see http://book.cakephp.org/2.0/en/tutorials-and-examples/simple-acl-controlled-application/simple-acl-controlled-application.html).
If you do authentication the way you're talking about, you have to keep track of permissions in your controller code, checking to see what the userModel is. If you use an access control list, the permission tree will already exist in the database, which should simplify your code a great deal, and make it more modular.
It also means restructuring your data model to have a single users table and groups table instead of entity classes for each type of user.
I just went through the process of doing this myself... :(
Nicolas
Updated on June 03, 2022Comments
-
Nicolas almost 2 years
I would like to know how to deal with only ONE authentification process and "users" in multiple tables. I have 4 Users table: users, admins, artists, teamadmins which all have specific fields, but I would like all of these users to be able to connect via only one form on the homepage, and being redirected after that to their specific dashboards.
I think the redirections shouldn't be a problem, and some routes added should work, but I really don't know where to look/start to ake this all possible.
Cheers,
Nicolas.EDIT: here's the final solution (thanks to deizel)
App::import('Component', 'Auth'); class SiteAuthComponent extends AuthComponent { function identify($user = null, $conditions = null) { $models = array('User', 'Admin', 'Artist'); foreach ($models as $model) { $this->userModel = $model; // switch model $this->params["data"][$model] = $this->params["data"]["User"]; // switch model in params/data too $result = parent::identify($this->params["data"][$model], $conditions); // let cake do its thing if ($result) { return $result; // login success } } return null; // login failure } } -
Nicolas almost 14 yearsThank you for your detailed answer. I'll come back to you and validate your answer as soon as it is working(if not I'll post comments, but it looks promising). Cheers.
-
Nicolas almost 14 yearsSo I choose the second solution, and it works perfectly with your code and a line I had to add :
$this->params["data"][$model] = $this->params["data"]["User"];. Thanks! -
Sagar Guhe over 9 yearsHi, @Nicolas, Can you get me a modified code so that I can refer it properly, here I am finding difficulty where you added the line exactly as I am learning cake currently, Thanks! -
Sagar Guhe over 9 years@Nicolas ok fine you edited the question with a final solution.
-
Zetaphor over 8 yearsThis does not allow a second auth user model, it simply changes it from the default expected "Users" table.