# |
May 17th 2021, 17:31 |
kevin.pfeifer |
let me try that too |
# |
May 17th 2021, 17:30 |
kushan |
Yeah, I have that added. Auth and authorisation is working. I've wanted to try Request Authorization Middleware. So, I tried to follow the docs, but no luck :) |
# |
May 17th 2021, 17:28 |
kevin.pfeifer |
as for authorization you need to call ```$this->Authorization->skipAuthorization();``` at the start of that function |
# |
May 17th 2021, 17:28 |
kevin.pfeifer |
for authentication |
# |
May 17th 2021, 17:28 |
kevin.pfeifer |
if you want to allow specific functions in controllers to be accessed as a not logged in user use ``` public function beforeFilter( \Cake\Event\EventInterface $event ) { parent::beforeFilter( $event ); // Configure the login action to not require authentication, preventing // the infinite redirect loop issue $this->Authentication->addUnauthenticatedActions( [ 'login' ] ); }``` inside the controller |
# |
May 17th 2021, 17:25 |
kushan |
yeah :) |
# |
May 17th 2021, 17:24 |
slackebot |
<kushan> |
# |
May 17th 2021, 17:24 |
kushan |
@kevin.pfeifer it's coming from https://book.cakephp.org/authorization/2/en/request-authorization-middleware.html#using-it |
# |
May 17th 2021, 17:23 |
kushan |
@neon1024 This is not easy to explain. I've been through this it wasn't easy tbh. Please see the attached pics from my codebase. This is how I'm using. |
# |
May 17th 2021, 17:22 |
kevin.pfeifer |
that is the vendor code throwing the exception but what code causes that? |
# |
May 17th 2021, 17:15 |
kushan |
has anybody managed to get RequestAuthorizationMiddleware? I tried the following, but when user is not logged in I keep getting Authorization\Exception\ForbiddenException https://book.cakephp.org/authorization/2/en/request-authorization-middleware.html |
# |
May 17th 2021, 16:31 |
kevin.pfeifer |
but there are also Table Policies which can be used to filter Queries so only "allowed" data is being shown in queries |
# |
May 17th 2021, 16:30 |
kevin.pfeifer |
in this example there is only an Entity Policy where you call `$this->Authorization->authorize($article);` on whatever entity you try to perform an action on |
# |
May 17th 2021, 16:26 |
kevin.pfeifer |
so like the one explained here? https://book.cakephp.org/4/en/tutorials-and-examples/cms/authorization.html |
# |
May 17th 2021, 16:23 |
neon1024 |
The pattern hasn’t clicked in my brain yet |
# |
May 17th 2021, 16:22 |
neon1024 |
Anyone have an example app demonstrating Authorize policies? Maybe a Cake workshop project? |
# |
May 17th 2021, 16:09 |
kevin.pfeifer |
sorry but i haven't doven into that area that deep ,:) |
# |
May 17th 2021, 16:07 |
neon1024 |
Or should I be loading the controller instance and looking for the actions configured for the AuthenticationComponent? |
# |
May 17th 2021, 16:07 |
ovidiu.marinoiu |
but this one returns missing controller |
# |
May 17th 2021, 16:07 |
ovidiu.marinoiu |
the name of the plugin is PaperLayout |
# |
May 17th 2021, 16:07 |
neon1024 |
Is it right that actions which require no authentication still require authorization?! Seems confusing to me |
# |
May 17th 2021, 16:06 |
ovidiu.marinoiu |
I was hoping this will work |
# |
May 17th 2021, 16:06 |
ovidiu.marinoiu |
```echo $this->Html->meta ( 'favicon.ico', 'paper-layout/favicon.ico', array ('type' => 'icon') );``` |
# |
May 17th 2021, 16:06 |
kevin.pfeifer |
or hardcode it without using the helper function :man-shrugging: |
# |
May 17th 2021, 16:05 |
kevin.pfeifer |
if you can create symlinks i would just load the "default" webroot/favicon.ico and symlink that to your plugins favicon.ico |
# |
May 17th 2021, 16:05 |
kevin.pfeifer |
puh |
# |
May 17th 2021, 16:01 |
ovidiu.marinoiu |
If I have my favicon in the webroot of the plugin, is there a way to link to it in meta()? |
# |
May 17th 2021, 15:57 |
ovidiu.marinoiu |
thanks! |
# |
May 17th 2021, 15:55 |
kevin.pfeifer |
https://book.cakephp.org/4/en/plugins.html#plugin-assets https://book.cakephp.org/4/en/deployment.html#improve-your-application-s-performance |
# |
May 17th 2021, 15:54 |
ovidiu.marinoiu |
Hi! How do I use assets from the webroot of a plugin? |
# |
May 17th 2021, 15:53 |
neon1024 |
I use an auth finder which returns loads of data and after login it’s all deeleted from the session :( |
# |
May 17th 2021, 15:49 |
neon1024 |
Strange when it denys a request it deletes the user data from the session |
# |
May 17th 2021, 15:48 |
neon1024 |
So this Request middleware, I need to add a specific allow for all the allowed methods in Authentication plugin as well? |
# |
May 17th 2021, 15:19 |
paolo.bragagni |
the docs is good enough |
# |
May 17th 2021, 15:19 |
paolo.bragagni |
;) |
# |
May 17th 2021, 15:19 |
paolo.bragagni |
YES!! |
# |
May 17th 2021, 15:19 |
kevin.pfeifer |
since I can definitely say the documentation can be quite confusing ,:) |
# |
May 17th 2021, 15:18 |
kevin.pfeifer |
i will definitely try to someday make a video about the whole cakephp framework and what i learned till now |
# |
May 17th 2021, 15:18 |
paolo.bragagni |
thanks you so much |
# |
May 17th 2021, 15:18 |
paolo.bragagni |
thanks I'll give it a try!!!! |
# |
May 17th 2021, 15:14 |
kevin.pfeifer |
and add the use statesments at the start of course ```use Cake\Event\EventInterface; use Cake\Event\EventManager;``` |