The Bakery Everything CakePHP

the component part of othAuth

changes:
0.5.4.5:
- Fixed a bug that was introduced by lately, missing /
- Fixed a bug ( not really bug but oh well ) preventing othAuth from recovering a session from the cookie data in some situations
0.5.4:
- Fixed a bug in loginAttempts reported by PatDaMilla
- Added support for parameters sent via url in a traditional way, mainly for redirects, thanks to Ritesh.
- Probably some other minor bugs

0.5.3:
- Added compatibility with 1.2 redirections
0.5.2:
- Fixed a bug in getData
- Fixed a bug related to the '/' route
- Added lazy model loading support
- Hmm..maybe something else..eh
0.5.1:
added a minor modification to _passAuthData

This tutorial shows you how to create a simple authentication system that doesn't send passwords in cleartext (as many others do). It has a fallback for non-JavaScript users (cleartext mode), and uses a user-defineable method for improved security for the storage of passwords.

This article introduces dAuth V0.3: the authentication (not authorisation) system with a focus on security, using techniques such as challenge-response, customizable multiple-stage password hashing, brute force (hammering) detection etc.

the long awaited documentation of othAuth, this article covers the new version of othAuth 0.5

Helper part of othAuth
changes:
0.1.2:
- Fixed another bug in getData ( wasn't calling init())
- Added support for 1.2
- Added a function hasPermission by Brett ODonnell aka cornernote

0.1.1:
- Fixed a bug in getData
- uses the session helper now

the component for dAuth v0.3

helper for dAuth v0.3

User, Host, LoginAttempt models for dAuth v0.3

There has been a lot of questions about user authentication lately so I thought it was appropriate to create a tutorial that covered the very basics

In this tutorial we'll cover all aspects of MVC in an authentication role, logging a user in, maintaining a session, and restricting unauthorized access to controller actions.

Though this article is based on CakePHP 1.2.x, the same concepts apply in 1.1.x and most of the code can be reused.

Users often encounter situations when they want to perform an action on a web site and get redirected to login page. Application’s task is to take care of performing the requested action right after user’s successful log in. It is easy job, unless the action is requested via ajax.

This is a few lines of code and explanations explaining how to get HTTP Auth to check against your normal users table.

A user can save their login information by ticking off a checkbox in the login form and AutoLogin will store their information in a cookie to automatically log them in (using the Auth Component) on their next visit.

Having a hard time with the ACL? This is probably one of the most simple group based access solutions out there. No ACL tables, no tree structure. It will allow you to setup access on a group level, so if you're looking for user based differentiation this is not for you.