Book Image

CakePHP 1.3 Application Development Cookbook

Book Image

CakePHP 1.3 Application Development Cookbook

Overview of this book

CakePHP is a rapid development framework for PHP that provides an extensible architecture for developing, maintaining, and deploying web applications. While the framework has a lot of documentation and reference guides available for beginners, developing more sophisticated and scalable applications require a deeper knowledge of CakePHP features, a challenge that proves difficult even for well established developers.The recipes in this cookbook will give you instant results and help you to develop web applications, leveraging the CakePHP features that allow you to build robust and complex applications. Following the recipes in this book you will be able to understand and use these features in no time. We start with setting up authentication on a CakePHP application. One of the most important aspects of a CakePHP application: the relationship between models, also known as model bindings. Model binding is an integral part of any application's logic and we can manipulate it to get the data we need and when we need. We will go through a series of recipes that will show us how to change the way bindings are fetched, what bindings and what information from a binding is returned, how to create new bindings, and how to build hierarchical data structures. We also define our custom find types that will extend the three basic ones, allowing our code to be even more readable and also create our own find type, with pagination support. This book also has recipes that cover two aspects of CakePHP models that are fundamental to most applications: validation, and behaviors.
Table of Contents (17 chapters)
CakePHP 1.3 Application Development Cookbook
Credits
About the Author
About the Reviewers
www.PacktPub.com
Preface

Integrating with OpenID


OpenID (http://openid.net) is a great way to allow users to log in without having to have an actual username in your application. It is a solution that is widely adopted, and has proven itself on many popular sites (such as Google, Yahoo, MySpace, and AOL).

This recipe shows how to add support for OpenID logins in a transparent way, while still working with a valid Auth implementation.

Getting ready

We should have a working authentication system, so follow the recipe, Setting up a basic authentication system.

We will also need the PHP OpenID Library. Download the latest release from https://github.com/openid/php-openid/downloads and extract the folder named Auth from the downloaded file into your app/vendors folder. You should now have a directory named Auth inside your vendors folder.

Finally, we need to download the OpenID plugin for CakePHP. Go to http://github.com/mariano/openid/downloads and download the latest release. Uncompress the downloaded file into your app/plugins folder. You should now have a directory named openid inside app/plugins.

How to do it...

  1. 1. Edit your AppController class and change the reference for the Auth component from Auth to Openid.OpenAuth. The components property should now look like this:

    public $components = array(
    'Openid.OpenAuth' => array(
    'authorize' => 'controller'
    ),
    'Session'
    );
    
  2. 2. Next, edit the login view (in app/views/users/login.ctp) and add a field to allow the user to specify their OpenID URL. The view should now look like this:

    <?php
    echo $this->Form->create(array('action'=>'login'));
    echo $this->Form->inputs(array(
    'legend' => 'Login',
    'openid' => array('label' => 'OpenID URL'),
    'username',
    'password'
    ));
    echo $this->Form->end('Login');
    ?>
    

    You should now be able to log in using either a valid username and password combination, or an OpenID URL, as shown in the following screenshot:

How it works...

As the OpenAuth component (a part of the openid plugin) extends the CakePHP built-in Auth component, it works in a similar fashion. When the component cannot seem to find a way to log in the user with a username and password, it will check whether the OpenID URL is specified.

If this is the case, it will attempt to authenticate the URL against the OpenID server. When it does, the user is taken to the OpenID server so the application can be granted permission to access the OpenID credentials. When permission is given, the user is taken back to the application, at a point on which the OpenAuth component is able to mark the user as logged in, and resume the normal application work flow.

There's more...

The openid plugin has further options to customize its behavior; including the ability to specify which user information should be given back. Check the documentation in http://github.com/mariano/openid.

Being a standard Auth implementation, this integration can be combined with any of the other recipes we have seen in this chapter, which allows for a flexible open authentication solution. If you do, make sure to note that the user given back by the OpenAuth component does not contain a valid user record, so you should create one upon log in.

Even when you are using the OpenAuth component which clearly has a different name than Auth, you can still use $this->Auth to set properties or call, for example, the allow method. This is possible because the component creates an alias.

See also

  • Getting the current user's information.