How to implement login authentication

CakePHP provides the Auth component as its mechanism for authentication.

/cake/libs/controller/components/auth.php

By declaring it in a controller's $components, you restrict access to that controller to authenticated users.

class TestController extends AppController
{
  var $components = array('Auth');
  function index() {

  }
}

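If you copy the file to
/app/controllers/components/auth.php
it is loaded in preference to
/cake/libs/controller/components/auth.php
which makes it easier to customize.

However, with this approach the entire Auth component is loaded from your copy, so it becomes hard to tell which parts you customized.
It is therefore better to create a child class, load that instead, and override only the parts you want to customize.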

App::import('Core', array('Auth'), false);

class MemberAuthComponent extends AuthComponent {

}

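You can also override settings from inside the controller.

// Message shown when login fails (the string means "The password is incorrect.")
$this->Auth->loginError = "パスワードが違います。";

Property descriptions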
$_loggedIn = false; Maintains current user login state.
$components = array('Session', 'RequestHandler'); Other components utilized by AuthComponent.
$authenticate = null; A reference to the object used for authentication.
http://book.cakephp.org/view/1278/authenticate
$authorize = false; The name of the component to use for authorization, or set this to one of the following:
  'controller' will validate against Controller::isAuthorized()
  'actions' will validate Controller::action against an AclComponent::check()
  'crud' will validate mapActions against an AclComponent::check()
  array('model' => 'name'); will validate mapActions against model $name::isAuthorized(user, controller, mapAction)
  'object' will validate Controller::action against object::isAuthorized(user, controller, action)
http://book.cakephp.org/view/1275/authorize
$ajaxLogin = null; The name of an optional view element to render when an Ajax request is made with an invalid or expired session.
http://book.cakephp.org/view/1277/ajaxLogin
$flashElement = 'default'; The name of the element used for SessionComponent::setFlash.
$userModel = 'User'; The name of the model that represents users which will be authenticated. Defaults to 'User'.
http://book.cakephp.org/view/1266/userModel
$userScope = array(); Additional query conditions to use when looking up and authenticating users, i.e. array('User.is_active' => 1).
http://book.cakephp.org/view/1268/userScope
$fields = array('username' => 'username', 'password' => 'password'); Allows you to specify non-default login name and password fields used in $userModel, i.e. array('username' => 'login_name', 'password' => 'passwd').
$sessionKey = null; The session key name where the record of the current user is stored. If unspecified, it will be "Auth.{$userModel name}".
$actionPath = null; If using action-based access control, this defines how the paths to action ACO nodes are computed. If, for example, all controller nodes are nested under an ACO node named 'Controllers', $actionPath should be set to "Controllers/".
$loginAction = null; A URL (defined as a string or array) to the controller action that handles logins.
http://book.cakephp.org/view/1269/loginAction
$loginRedirect = null; Normally, if a user is redirected to the $loginAction page, the location they were redirected from will be stored in the session so that they can be redirected back after a successful login. If this session value is not set, the user will be redirected to the page specified in $loginRedirect.
http://book.cakephp.org/view/1270/loginRedirect
$logoutRedirect = null; The default action to redirect to after the user is logged out. While AuthComponent does not handle post-logout redirection, a redirect URL will be returned from AuthComponent::logout(). Defaults to AuthComponent::$loginAction.
http://book.cakephp.org/view/1271/logoutRedirect
$object = null; The name of a model or model object, or any other object that has an isAuthorized method.
$loginError = null; Error to display when user login fails. For security purposes, only one error is used for all login failures, so as not to expose information on why the login failed.
http://book.cakephp.org/view/1272/loginError
$authError = null; Error to display when a user attempts to access an object or action to which they do not have access.
http://book.cakephp.org/view/1273/authError
$autoRedirect = true; Determines whether AuthComponent will automatically redirect and exit if login is successful.
http://book.cakephp.org/view/1274/autoRedirect
$allowedActions = array(); Controller actions for which user validation is not required.
http://book.cakephp.org/view/1251/Setting-Auth-Component-Variables
$actionMap = array(..); Maps actions to CRUD operations. Used for controller-based validation ($validate = 'controller').
$data = array(); Form data from Controller::$data
$params = array(); Parameter data from Controller::$params
$_methods = array(); Method list for bound controller
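
The controller below is an added example, not code from the original page or from CakePHP itself. It sets several of the properties listed above in beforeFilter(). The controller name, the action names (login, logout, index, help) and the is_active column are assumptions.

```php
<?php
// app/controllers/users_controller.php (CakePHP 1.3 layout; all names here are assumptions)
class UsersController extends AppController
{
  var $name = 'Users';
  var $components = array('Auth');

  function beforeFilter() {
    parent::beforeFilter();

    // Authenticate against the User model using the default column names.
    $this->Auth->userModel = 'User';
    $this->Auth->fields = array('username' => 'username', 'password' => 'password');

    // Only active accounts may log in (assumes a users.is_active column).
    $this->Auth->userScope = array('User.is_active' => 1);

    $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
    $this->Auth->loginRedirect = array('controller' => 'users', 'action' => 'index');
    $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');

    // One message for every login failure, so the response does not reveal
    // whether the username or the password was wrong.
    $this->Auth->loginError = 'Invalid username or password.';
    $this->Auth->authError = 'Please log in to view this page.';

    // List public actions by name; everything else requires a logged-in user.
    $this->Auth->allow('help');
  }

  function login() {
    // Intentionally empty: with $autoRedirect = true, AuthComponent checks
    // the posted credentials and redirects on success.
  }

  function logout() {
    // logout() clears the stored user and returns $logoutRedirect.
    $this->redirect($this->Auth->logout());
  }

  function index() {
    // Reached only after a successful login.
    $this->set('user', $this->Auth->user());
  }

  function help() {
    // Public page, reachable without logging in.
  }
}
```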
