Add reading epub and pdf in browser

[demorfi]

Added reading epub and pdf in browser

[openam]

Sorry this has been so long. I'm really loving this idea. I've just been swamped.

It doesn't seem to be letting me use the authentication part. I'm trying admin:password for the username:password. I assume that's what's committed to the database.db. Is that correct?

The language settings don't seem to be working for me either.

[openam]

It looks like you used the AuthComponent to generate the password hash. That mean we should probably commit the associated Security.salt and the Security.cipherSeed.

[demorfi]

Username, password, and other settings are stored in the database.db. For the best security is to change the password salt. Settings on the left core.php.default default. Available only two languages ​​- English and Russian. Session keeps the selected language.

[openam]

If that's the case then there really is no default username or password. The only way to change them if you change the Security.salt is by changing $this->Auth->allow('logout'); to $this->Auth->allow(); in the UsersController.php file. I think that I'm going to commit the changed core.php and set default username an passwords.

As for the languages it looks like if I clear my cookies after changing the language I get Russian on the login page, then it changes to english after I login, even though ru is still selected in the settings.

[demorfi]

By default database.db -> table users, 3 user (admin:admin, user:user, children:children). You are using the master branch?

[openam]

I thought set the default passwords to password after seeing commit 284842a. I ended up committing the core.php file and committing the passwords with commit 69021dd. I updated documentation in commit 978db18.

Yes, I'm using the master branch.

[demorfi]

Thank you. I've updated my branch.

[danpolanco]

I believe I'm seeing a related issue. If I change the salt, I can't login using the default users. And if I can't change the salt, then having a salt becomes pointless, yeah?

The other oddity is that it always pops up and asks for basic auth like so:

I have it running behind a reverse proxy, so perhaps that is why?

Nice work otherwise.

[openam]

@DanTheColoradan see #12 (comment) that will allow you to change the salt and go to the routes to change the passwords without being authenticated.

[danpolanco]

[...] The only way to change them if you change the Security.salt is by changing $this->Auth->allow('logout'); to $this->Auth->allow(); in the UsersController.php file. [...]

So I should change it to $this->Auth->allow();. Do I need to change it back after setting the passwords?

[openam]

Yes, you'd want to change it back afterwards, otherwise it's allowed by anyone with or without being logged in.

$this->Auth->allow(); allows anyone logged in or not to access all the routes. See, http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#making-actions-public

[danpolanco]

Awesome. Thanks.