I can't find a solution to my problem. I have an CakePHP website using Auth Component and ACL component. I do not want users who are not active to be able to log in.
I found that userScope in Auth component can do that. So in my AppController inside the beforeFilter, i added this :
$this->Auth->userScope = array('User.active' => 1);
Of course in my UserController beforeFilter, a call to the parent method is made.
However, this doesn't worj, I am still able to login in with a user who have active set to 0. I think it might be because of ACL component ?
Here is my beforFilter in AppController
public function beforeFilter()
{
if (!$this->Session->check('Auth.User'))
$this->layout = 'identification';
$this->Auth->allow('display');
//Configure AuthComponent
$this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
$this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
$this->Auth->loginRedirect = array('controller' => 'users', 'action' => 'welcome');
$this->Auth->userScope = array('User.active' => 1);
}
What am I missing ?
The code you use is not valid with Cake 2. See http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#configuring-authentication-handlers
Here is some code that should work:
$this->Auth->authenticate = array('Form' => array('scope' => array('User.active' => 1)));