Add another chunk to the CMS tutorial. #5101
Conversation
|
I was just going to ask about this. Good timing 😄 I'll pull this tomorrow and continue running through it. I think I will start the complimentary testing tutorial soon. |
| 'unauthorizedRedirect' => $this->referer() | ||
| ]); | ||
|
|
||
| // Allow the display action so our pages controller |
There was a problem hiding this comment.
It is all controllers.
| And in **src/Template/Users/login.ctp** add the following:: | ||
|
|
||
| <h1>Login</h1> | ||
| <?= $this->Form->create() ?> |
There was a problem hiding this comment.
is not better to use entity object here?
$this->Form->create($user)
There was a problem hiding this comment.
There is no entity though.
jeremyharris
left a comment
jeremyharris
left a comment
There was a problem hiding this comment.
Looking good! I once again tried to approach this as someone who's totally unfamiliar, so please forgive/ignore any verbosity I suggest.
| // continues to work. Also enable the read only actions. | ||
| $this->Auth->allow(['display', 'view', 'index']); | ||
| } | ||
| } |
There was a problem hiding this comment.
As this was baked, it has code it in at this point. Do you think including that code or a // existing code would be good? If using the // existing code, you can remove the FlashComponent as that is baked in. Here's the baked code if you want to include it instead:
public function initialize()
{
parent::initialize();
$this->loadComponent('RequestHandler');
$this->loadComponent('Flash');
/*
* Enable the following components for recommended CakePHP security settings.
* see http://book.cakephp.org/3.0/en/controllers/components/security.html
*/
//$this->loadComponent('Security');
//$this->loadComponent('Csrf');
}| components. In addition, we've customized the configuration of AuthComponent, as | ||
| our users table uses ``email`` as the username. Now, if you go to any URL you'll | ||
| be redirected to **/users/login**, which will show an error page as we have | ||
| not written that code yet. So let's create the login action:: |
There was a problem hiding this comment.
"any URL (other than our static pages and any read-only pages)"
or
"any protected URL, such as **/artlcles/add**"
The only reason I think we should note this is that hitting the homepage is "allowed" and may confuse people as to what they did wrong.
| .. note:: | ||
|
|
||
| If none of your users have hashed passwords, comment the | ||
| ``loadComponent('Auth')`` line. Then go and edit the user, |
There was a problem hiding this comment.
"line" -> "block"
And maybe also need to note to uncomment the $this->Auth->allow() line, as the auth component would no longer be loaded.
|
|
||
| If none of your users have hashed passwords, comment the | ||
| ``loadComponent('Auth')`` line. Then go and edit the user, | ||
| saving a new password for them. |
There was a problem hiding this comment.
"After saving a new password for the user, make sure to uncomment the lines we just temporarily commented!"
| saving a new password for them. | ||
|
|
||
| You should now be able to log in. If not, make sure you are using a user that | ||
| has a hashed password. |
There was a problem hiding this comment.
Maybe a new para:
"Try it out! Before logging in, visit **/articles/add**. Since this action is not allowed, you will be redirected to the login page. After logging in successfully, CakePHP will automatically redirect you back to **/articles/add**."
| return $this->redirect($this->Auth->logout()); | ||
| } | ||
|
|
||
| This code adds the ``logout`` action as one that does not require authentication |
There was a problem hiding this comment.
"adds the ``logout`` action to the list of ones that do not"
|
Thanks for the great feedback @jeremyharris |
I haven't forgotten about this. One day I might even be finished it.