RememberMe authentication adapter plugin for CakePHP
, (*1)
This plugin provides an authenticate handler that permanent login by cookie. This plugin use method of issuing a token, instead of set to cookie encrypted username/password., (*2)
This library inspired by Barry Jaspan's article "Improved Persistent Login Cookie Best Practice", and Gabriel Birke's libray "https://github.com/gbirke/rememberme"., (*3)
Installation
You can install this plugin into your CakePHP application using composer., (*4)
The recommended way to install composer packages is:, (*5)
php composer.phar require nojimage/cakephp-remember-me:^4.0
Load the plugin by adding the following statement in your project's src/Application.php:, (*6)
$this->addPlugin('RememberMe');
or running the console command, (*7)
bin/cake plugin load RememberMe
Run migration:, (*8)
bin/cake migrations migrate -p RememberMe
Usage with Authentication plugin
If you're using cakephp/authentication,
use RememberMeTokenIdentifier and CookeAuthenticator., (*9)
Example load RememberMe's Identifier and Authenticator into the getAuthenticationService hook within Application:, (*10)
// in your src/Application.php
class Application extends ...
{
public function getAuthenticationService(...)
{
$service = new AuthenticationService();
$fields = [
'username' => 'email',
'password' => 'password'
];
// ... setup other identifier and authenticator
// setup RememberMe
$service->loadIdentifier('RememberMe.RememberMeToken', compact('fields'));
$service->loadAuthenticator('RememberMe.Cookie', [
'fields' => $fields,
'loginUrl' => '/users/login',
]);
}
}
more document for getAuthenticationService, see: Quick Start - CakePHP Authentication 2.x, (*11)
RememberMe.RememberMeTokenIdentifier options
fields
The fields for the lookup., (*12)
default: ['username' => 'username'], (*13)
$service->loadIdentifier('RememberMe.RememberMeToken', [
'fields' => [
'username' => 'email',
],
]);
resolver
The identity resolver. If change your Resolver,
must extend Authentication\Identifier\Resolver\OrmResolver., (*14)
default: 'Authentication.Orm', (*15)
$service->loadIdentifier('RememberMe.RememberMeToken', [
'resolver' => [
'className' => 'Authentication.Orm',
'userModel' => 'Administrators',
],
]);
tokenStorageModel
A model used for find login cookie tokens., (*16)
default: 'RememberMe.RememberMeTokens', (*17)
$service->loadIdentifier('RememberMe.RememberMeToken', [
'tokenStorageModel' => 'YourTokensModel',
]);
userTokenFieldName
A property name when adding token data to identity., (*18)
default: 'remember_me_token', (*19)
$service->loadIdentifier('RememberMe.RememberMeToken', [
'userTokenFieldName' => 'cookie_token',
]);
RememberMe.CookeAuthenticator options
loginUrl
The login URL, string or array of URLs. Default is null and all pages will be checked., (*20)
default: null, (*21)
$service->loadAuthenticator('RememberMe.Cookie', [
'loginUrl' => '/users/login',
]);
urlChecker
The URL checker class or object., (*22)
default: 'DefaultUrlChecker', (*23)
$service->loadAuthenticator('RememberMe.Cookie', [
'loginUrl' => '/users/login',
]);
rememberMeField
When this key is input by form authentication, it issues a login cookie., (*24)
default: 'remember_me', (*25)
$service->loadAuthenticator('RememberMe.Cookie', [
'rememberMeField' => 'remember_me',
]);
fields
Array that maps username to the specified POST data fields., (*26)
default: ['username' => 'username'], (*27)
$service->loadAuthenticator('RememberMe.Cookie', [
'fields' => [
'username' => 'email',
],
]);
cookie
Write option for login cookie., (*28)
- name: Cookie name (default:
'rememberMe')
- expire: Cookie expiration (default:
'+30 days')
- path: Path (default:
'/')
- domain: Domain, (default:
'')
- secure: Secure flag (default:
true)
- httpOnly: Http only flag (default:
true)
$service->loadAuthenticator('RememberMe.Cookie', [
'cookie' => [
'name' => 'rememberMe',
'expires' => '+30 days',
'secure' => true,
'httpOnly' => true,
],
]);
tokenStorageModel
A model used for storing login cookie tokens., (*29)
default: 'RememberMe.RememberMeTokens', (*30)
$service->loadAuthenticator('RememberMe.Cookie', [
'tokenStorageModel' => 'YourTokensModel',
]);
always
When this option is set to true, a login cookie is always issued after authentication identified., (*31)
default: false, (*32)
$service->loadAuthenticator('RememberMe.Cookie', [
'always' => true,
]);
dropExpiredToken
When this option is set to true, drop expired tokens after authentication identified., (*33)
default: true, (*34)
$service->loadAuthenticator('RememberMe.Cookie', [
'dropExpiredToken' => false,
]);
[Deprecated] Usage with AuthComponent
In your AppController setup AuthComponent:, (*35)
```(php)
public function initialize()
{
// ... snip, (*36)
$this->loadComponent('Auth', [
'authenticate' => [
'RememberMe.Cookie' => [
'userModel' => 'Users',
'fields' => ['username' => 'email'],
'inputKey' => 'remember_me',
],
// ... other authenticater config
],
// ... other auth component config
]);
// ... snip
}, (*37)
### RememberMe.CookieAuthenticate options
#### `inputKey`
When this key is input by form authentication, it issues a login cookie.
default: `'remember_me'`
'RememberMe.Cookie' => [
'inputKey' => 'remember_me',
],
#### `always`
When this option is set to true, a login cookie is always issued after authentication identified.
default: `false`
'RememberMe.Cookie' => [
'always' => true,
],
#### `dropExpiredToken`
When this option is set to true, drop expired tokens after authentication identified.
default: `true`
'RememberMe.Cookie' => [
'dropExpiredToken' => false,
],
#### `cookie`
Write option for login cookie.
- name: cookie name (default: `'rememberMe'`)
- expires: cookie expiration (default: `'+30 days'`)
- secure: secure flag (default: `true`)
- httpOnly: http only flag (default: `true`)
'RememberMe.Cookie' => [
'cookie' => [
'name' => 'rememberMe',
'expires' => '+30 days',
'secure' => true,
'httpOnly' => true,
],
],
#### `tokenStorageModel`
A model used for storing login cookie tokens.
default: `'RememberMe.RememberMeTokens'`
'RememberMe.Cookie' => [
'tokenStorageModel' => 'YourTokensModel',
],
```, (*38)
more configuration options see: https://book.cakephp.org/4.0/en/controllers/components/authentication.html#configuring-authentication-handlers, (*39)
Wallogit.com
