I want to let Auth give access to login(), logout() and add() action of my users controller, but it doesn't matter if I use $this->Auth->allow('logout'); or not I get the message: You are not authorized to access that location. login() and add() work fine though.
This is my AppContoller.php:
class AppController extends Controller {
public $components = array(
'Auth' => array(
'authenticate' => array(
'Form' => array(
'userModel' => 'User',
'fields' => array(
'username' => 'email', 'password' => 'password')
)
),
'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'pages', 'action' => 'display', 'landing')
), 'Session'
);
public function beforeFilter() {
$this->Auth->allow('add', 'login');
}
}
And this is the relevant part of my UsersController.php:
public $helpers = array('Html', 'Form', 'Session');
public $components = array('Session');
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('logout');
}
public function logout() {
$this->set('title_for_layout', 'Logout');
$this->redirect($this->Auth->logout());
}
Does anyone see the problem here? I appreciate your help.
It seems you are accessing to logout action without problems but the logout redirection destroys your session and redirects you to a page view.
It seems you don't have access to the page without being logged. (you can try it accessing to the URL without being logged)
Add the beforeFilter function at your PagesController:
public function beforeFilter(){
parent::beforeFilter();
$this->Auth->allow();
}
PagesController comes by default with CakePHP 2.2, if you don't have it, just copy and paste any other controller and add this function deleting all the rest.
EDITED: If the PagesController was already there, just add the beforeFilter function.