CakePHP's authentication system will provide us with the necessary tools to build a strong, flexible Auth-based application. We can then use it to fetch the current user information and make it available throughout our application.
In this recipe, we will see how to save the current logged-in user's information so it is accessible from any point of our CakePHP application, including its layout, while adding a helpful method to the User model to make the job easier.
We should have a working authentication system, so follow the recipe, Setting up a basic authentication system.
1. Add the following method to your AppController class:

    public function beforeFilter() {
        $user = $this->Auth->user();
        if (!empty($user)) {
            Configure::write('User', $user[$this->Auth->getModel()->alias]);
        }
    }

2. Also in your AppController class, add the following method inside the class definition:

    public function beforeRender() {
        $user = $this->Auth->user();
        if (!empty($user)) {
            $user = $user[$this->Auth->getModel()->alias];
        }
        $this->set(compact('user'));
    }

3. Copy the default CakePHP layout file named default.ctp from your cake/libs/view/layouts folder to your application's app/views/layouts folder. While editing app/views/layouts/default.ctp, add the following code right where you want the login / logout links to appear:

    <?php if (!empty($user)) { ?>
        Welcome back <?php echo h($user['username']); /* h() HTML-escapes the value before output */ ?>!
        <?php
        echo $this->Html->link('Log out', array('plugin'=>null, 'admin'=>false, 'controller'=>'users', 'action'=>'logout'));
    } else {
        echo $this->Html->link('Log in', array('plugin'=>null, 'admin'=>false, 'controller'=>'users', 'action'=>'login'));
    }
    ?>

4. Add the following method to the User model. If you do not have a model created for the users table, proceed to create a file named user.php and place it in your app/models directory. If you do have one already, make sure you add the get method to it:

    <?php
    class User extends AppModel {
        public static function get($field = null) {
            $user = Configure::read('User');
            if (empty($user) || (!empty($field) && !array_key_exists($field, $user))) {
                return false;
            }
            return !empty($field) ? $user[$field] : $user;
        }
    }
    ?>

By storing the user record in an application-wide configuration variable, we are able to obtain the current user information from anywhere in our application, whether it is controllers, components, models, and so on. This gives us the power to know if there's a logged-in user at any point.
We also need to make sure that views are able to learn whether there is a logged-in user. Even though a view could, technically speaking, still have access to the configure variable, it is normally more elegant to set a view variable to avoid any interaction with PHP classes from the view (except for the view helpers).
Note
When you set variables for the view in AppController, it is very important to make sure no controller action will overwrite the variable. Choose a unique name wisely, and make sure you don't set a view variable with the same name in your controllers.
Finally, we add a handy method to the User model, so we can obtain the current user from our controllers without having to deal with the Configure variable. We can also use the get method to collect a particular bit of user information. For example, to fetch the current user's username from a controller, we would do something like the following:

    $userName = User::get('username');

You should not have to load the User model class yourself, as the Auth component does it for you.
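
Because the record written to Configure and passed to the view is readable from every layer of the application, it helps to publish only the fields the application needs and to escape values when they are printed. The following stand-alone PHP is an added example, not code from the recipe or from CakePHP: MiniConfigure is a hypothetical stand-in for Configure, publishableUser() and currentUser() are hypothetical helpers, and the user record (including its reset_token column) is constructed sample data.

```php
<?php
// Added example: runs with plain PHP, no CakePHP installation required.

// Hypothetical stand-in for CakePHP's Configure class (write/read only).
final class MiniConfigure {
    private static $values = array();

    public static function write($key, $value) {
        self::$values[$key] = $value;
    }

    public static function read($key) {
        return isset(self::$values[$key]) ? self::$values[$key] : null;
    }
}

// Hypothetical helper: keep only the allow-listed fields of the user record,
// so anything else in the session never reaches Configure or the view.
function publishableUser(array $record, array $allowed) {
    return array_intersect_key($record, array_flip($allowed));
}

// Same lookup rules as the recipe's User::get(), reading from the stand-in.
function currentUser($field = null) {
    $user = MiniConfigure::read('User');
    if (empty($user) || (!empty($field) && !array_key_exists($field, $user))) {
        return false;
    }
    return !empty($field) ? $user[$field] : $user;
}

// Constructed sample of a logged-in user's record; the columns are assumptions.
$sessionUser = array(
    'id'          => 7,
    'username'    => '<b>alice</b>',
    'email'       => 'alice@example.com',
    'reset_token' => 'constructed-sample-token',
);

// What beforeFilter() would store: only the allow-listed fields.
MiniConfigure::write('User', publishableUser($sessionUser, array('id', 'username')));

// A field outside the allow-list is reported as missing.
var_dump(currentUser('reset_token'));

// Escape on output, as h() does in a CakePHP view.
echo htmlspecialchars(currentUser('username'), ENT_QUOTES, 'UTF-8'), "\n";
```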