CakePHP's authentication system will provide us with the necessary tools to build a strong, flexible Auth based application. We can then use it to fetch the current user information and make it available throughout our application.
In this recipe, we will see how to save the current logged-in user's information so it is accessible from any point of our CakePHP application, including its layout, while adding a helpful method to the User model to make the job easier.
We should have a working authentication system, so follow the recipe, Setting up a basic authentication system.
1. Add the following method to your
AppControllerclass:public function beforeFilter() { $user = $this->Auth->user(); if (!empty($user)) { Configure::write('User', $user[$this->Auth->getModel()->alias]); } }2. Also in your
AppControllerclass, add the following method inside the class definition:public function beforeRender() { $user = $this->Auth->user(); if (!empty($user)) { $user = $user[$this->Auth->getModel()->alias]; } $this->set(compact('user')); }3. Copy the default CakePHP layout file named
default.ctpfrom yourcake/libs/view/layoutsfolder to your application'sapp/views/layoutsfolder. Place the following code in theapp/views/layouts/default.ctpfolder. While editing this layout, add the following code right where you want login / logout links to appear:<?php if (!empty($user)) { ?> Welcome back <?php echo $user['username']; ?>! <?php echo $this->Html->link('Log out', array('plugin'=>null, 'admin'=>false, 'controller'=>'users', 'action'=>'logout')); } else { echo $this->Html->link('Log in', array('plugin'=>null, 'admin'=>false, 'controller'=>'users', 'action'=>'login')); } ?>4. Add the following method to the
Usermodel. If you do not have a model created for theuserstable, proceed to create a file nameduser.phpand place it in yourapp/modelsdirectory. If you do have one already, make sure you add thegetmethod to it:<?php class User extends AppModel { public static function get($field = null) { $user = Configure::read('User'); if (empty($user) || (!empty($field) && !array_key_exists($field, $user))) { return false; } return !empty($field) ? $user[$field] : $user; } } ?>
By storing the user record in an application-wide configuration variable, we are able to obtain the current user information from anywhere in our application, whether it is controllers, components, models, and so on. This gives us the power to know if there's a logged-in user at any point.
We also need to make sure that views are able to learn whether there is a logged-in user. Even though a view could, technically speaking, still have access to the configure variable, it is normally more elegant to set a view variable to avoid any interaction with PHP classes from the view (except for the view helpers).
Note
When you set variables for the view in AppController, it is very important to make sure no controller action will overwrite the variable. Choose a unique name wisely, and make sure you don't set a view variable with the same name in your controllers.
Finally, we add a handy method to the User model, so we can obtain the current user from our controllers without having to deal with the Configure variable. We can also use the get method to collect a particular bit of user information. For example, to fetch the current user's username from a controller, we would do something like the following:
$userName = User::get('username');
You should not have to load the User model class yourself, as the Auth component does it for you.