Skip to content

Commit 5b10d03

Browse files
committed
Allow login both from /users/login and /.
1 parent 375654f commit 5b10d03

6 files changed

Lines changed: 60 additions & 25 deletions

File tree

backend/config/bootstrap.php

Lines changed: 6 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -65,8 +65,12 @@
6565
Configure::config('default', new PhpConfig());
6666
Configure::load('app', 'default', false);
6767

68-
// Debug configuration on startup (only in debug mode)
69-
ConfigDebugger::debugConfig();
68+
// Debug configuration on startup only for web requests and `bin/cake server`.
69+
$isCakeServerCommand = PHP_SAPI === 'cli'
70+
&& ($_SERVER['argv'][1] ?? null) === 'server';
71+
if (PHP_SAPI !== 'cli' || $isCakeServerCommand) {
72+
ConfigDebugger::debugConfig();
73+
}
7074
} catch (\Exception $e) {
7175
exit($e->getMessage() . "\n");
7276
}

backend/config/routes.php

Lines changed: 1 addition & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -32,6 +32,7 @@
3232
// Connect '/' to users/login, that will either show the
3333
// login form or redirect the user to the right location.
3434
$routes->connect('/', [ 'controller' => 'Users', 'action' => 'login' ]);
35+
$routes->connect('/users/login', [ 'controller' => 'Users', 'action' => 'login' ]);
3536

3637
$routes->prefix('api/v1', function (RouteBuilder $routes) {
3738
$api_controllers = [

backend/src/Application.php

Lines changed: 5 additions & 12 deletions
Original file line numberDiff line numberDiff line change
@@ -150,12 +150,7 @@ public function getAuthenticationService(ServerRequestInterface $request) : Auth
150150

151151
// Define where users should be redirected to when they are not authenticated
152152
$service->setConfig([
153-
'unauthenticatedRedirect' => Router::url([
154-
'prefix' => false,
155-
'plugin' => null,
156-
'controller' => 'Users',
157-
'action' => 'login',
158-
]),
153+
'unauthenticatedRedirect' => Router::url('/'),
159154
'queryParam' => 'redirect',
160155
// For API requests, we don't want to redirect to login page
161156
'authError' => 'Access denied',
@@ -173,12 +168,10 @@ public function getAuthenticationService(ServerRequestInterface $request) : Auth
173168
$service->loadAuthenticator('Authentication.Session');
174169
$service->loadAuthenticator('Authentication.Form', [
175170
'fields' => $fields,
176-
'loginUrl' => Router::url([
177-
'prefix' => false,
178-
'plugin' => null,
179-
'controller' => 'Users',
180-
'action' => 'login',
181-
]),
171+
'loginUrl' => [
172+
Router::url('/'),
173+
Router::url('/users/login'),
174+
],
182175
]);
183176

184177
// Load identifiers

backend/src/Command/GrantAdminCommand.php

Lines changed: 4 additions & 10 deletions
Original file line numberDiff line numberDiff line change
@@ -30,13 +30,6 @@
3030
use App\Model\Entity\User;
3131

3232
class GrantAdminCommand extends Command {
33-
34-
public function initialize() : void
35-
{
36-
parent::initialize();
37-
$this->loadModel('Users');
38-
}
39-
4033
protected function buildOptionParser(ConsoleOptionParser $parser) : ConsoleOptionParser
4134
{
4235
$parser->addArgument('username', [
@@ -62,12 +55,13 @@ public function execute(Arguments $args, ConsoleIo $io)
6255
{
6356
$username = $args->getArgument('username');
6457
$password = $args->getOption('password');
58+
$usersTable = $this->fetchTable('Users');
6559

6660
if ($username == null) {
6761
$io->error("No user provided");
6862
return;
6963
}
70-
$users = $this->Users->find()->where([ 'username' => $username ]);
64+
$users = $usersTable->find()->where([ 'username' => $username ]);
7165

7266
if ($users->count() == 0)
7367
{
@@ -80,7 +74,7 @@ public function execute(Arguments $args, ConsoleIo $io)
8074
$user['givenname'] = '';
8175
$user['surname'] = $username;
8276
$user['number'] = '000000';
83-
if ($this->Users->save($user)) {
77+
if ($usersTable->save($user)) {
8478
$io->info("New user $username created");
8579
} else {
8680
$io->error("Creation of new user failed");
@@ -101,7 +95,7 @@ public function execute(Arguments $args, ConsoleIo $io)
10195
$user['password'] = $password;
10296
$io->info("password set");
10397
}
104-
if (! $this->Users->save($user))
98+
if (! $usersTable->save($user))
10599
{
106100
$io->error("Database error while saving user $username.");
107101
}

backend/src/Controller/UsersController.php

Lines changed: 43 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -121,6 +121,12 @@ public function index() {
121121
}
122122

123123
private function login_user($authuser) {
124+
if ($authuser instanceof \App\Model\Entity\User) {
125+
$this->Authentication->setIdentity($authuser);
126+
Log::write('debug', 'Logged in local user ' . $authuser['username']);
127+
return;
128+
}
129+
124130
// Try to find the user in the database
125131
$user = $this->Users->find()
126132
->where([ 'username' => $authuser['username'] ])
@@ -181,6 +187,7 @@ public function login() {
181187

182188
if ($this->request->is('post')) {
183189
$authuser = $this->Authentication->getIdentity();
190+
$this->debugLocalAuthenticationAttempt($authuser);
184191

185192
if (! $authuser) {
186193
$this->Flash->error('Username o password non corretti');
@@ -216,6 +223,42 @@ public function login() {
216223
$this->set('redirect', $this->request->getQuery(('redirect')));
217224
}
218225

226+
private function debugLocalAuthenticationAttempt($authuser): void
227+
{
228+
$username = (string)$this->request->getData('username', '');
229+
$password = (string)$this->request->getData('password', '');
230+
$result = $this->Authentication->getResult();
231+
$user = $username === ''
232+
? null
233+
: $this->Users->find()
234+
->where(['username' => $username])
235+
->first();
236+
237+
$debug = [
238+
'username' => $username,
239+
'has_password_in_request' => $password !== '',
240+
'authentication_result_status' => $result ? $result->getStatus() : null,
241+
'authentication_result_valid' => $result ? $result->isValid() : null,
242+
'authentication_result_errors' => $result ? $result->getErrors() : null,
243+
'identity_class' => is_object($authuser) ? get_class($authuser) : null,
244+
'identity_username' => $authuser ? ($authuser['username'] ?? null) : null,
245+
'local_user_found' => $user !== null,
246+
'local_user_id' => $user ? $user['id'] : null,
247+
'local_user_admin' => $user ? (bool)$user['admin'] : null,
248+
'local_password_hash_prefix' => ($user && $user['password'])
249+
? substr($user['password'], 0, 7)
250+
: null,
251+
'local_password_hash_length' => ($user && $user['password'])
252+
? strlen($user['password'])
253+
: null,
254+
'local_password_check' => ($user && $password !== '')
255+
? $user->checkPassword($password)
256+
: null,
257+
];
258+
259+
Log::debug('Local authentication debug: ' . json_encode($debug));
260+
}
261+
219262
private function isOAuth2Enabled() {
220263
return !!getenv('OAUTH2_APPID');
221264
}

backend/src/Model/Entity/User.php

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -148,6 +148,6 @@ protected function _setPassword(string $password) : ?string
148148
}
149149

150150
public function checkPassword(string $password): bool {
151-
return (new DefaultPasswordHasher())->hash($password) == $this->password;
151+
return (new DefaultPasswordHasher())->check($password, $this->password);
152152
}
153153
}

0 commit comments

Comments
 (0)