How to use CakePHP's built-in authentication system?

@denis 

CakePHP comes with a built-in authentication system that allows you to quickly add user authentication to your application. Here are the steps to use CakePHP's built-in authentication system:

Step 1: Create a new CakePHP application or open an existing one.

Step 2: Make sure that you have the Auth component loaded in your controller. You can do this by adding the following code to your controller:

1

public $components = array('Auth');

Step 3: Configure the Auth component by adding the following code to your controller:

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11
12
13
14
15
16
17
18
19

public function beforeFilter() {
    $this->Auth->authenticate = array(
        'Form' => array(
            'fields' => array('username' => 'email')
        )
    );
    $this->Auth->loginAction = array(
        'controller' => 'users',
        'action' => 'login'
    );
    $this->Auth->logoutRedirect = array(
        'controller' => 'users',
        'action' => 'login'
    );
    $this->Auth->loginRedirect = array(
        'controller' => 'pages',
        'action' => 'home'
    );
}

In this code, we are configuring the Auth component to use the Form authentication adapter, which uses a simple username and password form for authentication. We are also specifying the fields to use for the username and password.

Step 4: Create a login action in your UsersController that displays the login form:

1
2
3
4
5
6
7
8
9

public function login() {
    if ($this->request->is('post')) {
        if ($this->Auth->login()) {
            return $this->redirect($this->Auth->redirectUrl());
        } else {
            $this->Flash->error(__('Invalid username or password, try again'));
        }
    }
}

In this code, we are checking if the user has submitted the login form via a POST request. If they have, we attempt to log them in using the Auth component's login() method. If the login is successful, we redirect the user to the page they were trying to access before they were prompted to log in. If the login fails, we display an error message.

Step 5: Create a logout action in your UsersController:

1
2
3

public function logout() {
    return $this->redirect($this->Auth->logout());
}

In this code, we are logging the user out using the Auth component's logout() method and redirecting them to the login page.

Step 6: Protect your application by adding the Auth component to any controllers that require authentication:

1
2
3
4

public $components = array('Auth');
public function beforeFilter() {
    $this->Auth->deny();
}

In this code, we are adding the Auth component to our controller and denying access to any actions that do not require authentication.

That's it! Your CakePHP application now has a built-in authentication system that allows users to log in and out of your application.