I'm building a CakePHP application and I have an API controller. This holds some methods that are common around the site, and I use them with jQuery AJAX calls to do certain things. I recently implemented user registration with the Auth component, but now whenever I try and access the API when I'm not logged in I get redirected to the login page.
This is my AppController code:
class AppController extends Controller {
public $components = array('Session', 'Auth' => array(
'loginRedirect' => array('controller' => 'users', 'action' => 'images'),
'logoutRedirect' => array('controller' => 'pages', 'action' => 'home')
));
public function beforeRender() {
$this->set('loggedIn', $this->Auth->loggedIn());
$this->set('username', $this->Auth->user('username'));
}
public function beforeFilter() {
$this->Auth->allow('home', 'register', 'login');
}
}
I know I can allow certain methods within my API controller with the $this->Auth->allow() method, but is there any way to make it controller-wide? For example, is there something I can put in my API controller so non-logged in users can access its methods aswell? I'd rather not put the method names for each action in the allowed list, because there's about 30 of them.
Thanks.
Put this in the ApiController:
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow(); //pass no arguments to allow all
}