From 49157d83ae008c3127113a2e31b3a7d3c824205f Mon Sep 17 00:00:00 2001
From: ADmad <admad.coder@gmail.com>
Date: Sun, 10 Feb 2013 13:49:07 +0530
Subject: [PATCH] Breaking down AuthComponent::startup() into multiple methods
 for easier management and extension.

---
 .../Controller/Component/AuthComponent.php    | 74 +++++++++++++------
 1 file changed, 50 insertions(+), 24 deletions(-)

diff --git a/lib/Cake/Controller/Component/AuthComponent.php b/lib/Cake/Controller/Component/AuthComponent.php
index cb7cba8a364..c8eac246487 100644
--- a/lib/Cake/Controller/Component/AuthComponent.php
+++ b/lib/Cake/Controller/Component/AuthComponent.php
@@ -294,12 +294,36 @@ public function startup(Controller $controller) {
 		if (!$this->_setDefaults()) {
 			return false;
 		}
-		$request = $controller->request;
 
-		$url = '';
+		if ($this->_isAllowed($controller)) {
+			return true;
+		}
+
+		if (!$this->_getUser()) {
+			return $this->_unauthenticated($controller);
+		}
+
+		if (empty($this->authorize) || $this->isAuthorized($this->user())) {
+			return true;
+		}
+
+		return $this->_unauthorized($controller);
+	}
+
+/**
+ * Checks whether current action is accessible without authentication.
+ * If current action is login action referrer url is saved in session which is
+ * later accessible using AuthComponent::redirectUrl().
+ *
+ * @param Controller $controller A reference to the instantiating controller object
+ * @return boolean True if action is accessible without authentication else false
+ */
+	protected function _isAllowed(Controller $controller) {
+		$action = strtolower($controller->request->params['action']);
 
-		if (isset($request->url)) {
-			$url = $request->url;
+		$url = '';
+		if (isset($controller->request->url)) {
+			$url = $controller->request->url;
 		}
 		$url = Router::normalize($url);
 		$loginAction = Router::normalize($this->loginAction);
@@ -309,35 +333,37 @@ public function startup(Controller $controller) {
 		}
 
 		if ($loginAction == $url) {
-			if (empty($request->data)) {
+			if (empty($controller->request->data)) {
 				if (!$this->Session->check('Auth.redirect') && !$this->loginRedirect && env('HTTP_REFERER')) {
 					$this->Session->write('Auth.redirect', $controller->referer(null, true));
 				}
 			}
 			return true;
 		}
+		return false;
+	}
 
-		if (!$this->_getUser()) {
-			if (!$request->is('ajax')) {
-				$this->flash($this->authError);
-				$this->Session->write('Auth.redirect', $request->here());
-				$controller->redirect($loginAction);
-				return false;
-			}
-			if (!empty($this->ajaxLogin)) {
-				$controller->viewPath = 'Elements';
-				echo $controller->render($this->ajaxLogin, $this->RequestHandler->ajaxLayout);
-				$this->_stop();
-				return false;
-			}
-			$controller->redirect(null, 403);
+/**
+ * Handle unauthenticated access attempt.
+ *
+ * @param Controller $controller A reference to the controller object
+ * @return boolean Returns false
+ */
+	protected function _unauthenticated(Controller $controller) {
+		if (!$controller->request->is('ajax')) {
+			$this->flash($this->authError);
+			$this->Session->write('Auth.redirect', $controller->request->here());
+			$controller->redirect($this->loginAction);
+			return false;
 		}
-
-		if (empty($this->authorize) || $this->isAuthorized($this->user())) {
-			return true;
+		if (!empty($this->ajaxLogin)) {
+			$controller->viewPath = 'Elements';
+			echo $controller->render($this->ajaxLogin, $this->RequestHandler->ajaxLayout);
+			$this->_stop();
+			return false;
 		}
-
-		return $this->_unauthorized($controller);
+		$controller->redirect(null, 403);
+		return false;
 	}
 
 /**