A CakePHP plugin which allows using the HybridAuth social sign on library.
- CakePHP 3.0+ (Refer to the
cake2
branch README for CakePHP 2.x)
Run:
composer require admad/cakephp-hybridauth:~3.0
Load the plugin by adding following to your app's boostrap:
Plugin::load('ADmad/HybridAuth', ['bootstrap' => true, 'routes' => true]);
Make a config file config/hybridauth.php
Eg.
use Cake\Core\Configure;
$config['HybridAuth'] = [
'providers' => [
'OpenID' => [
'enabled' => true
]
],
'debug_mode' => Configure::read('debug'),
'debug_file' => LOGS . 'hybridauth.log',
];
For more information about the hybridauth configuration array check http://hybridauth.sourceforge.net/userguide/Configuration.html
Note: When specifying loginRedirect
URL for AuthComponent be sure to add
'plugin' => false
(or appropiate plugin name) to the URL array.
The plugin also expects that your users table used for authentication contains
fields provider
and provider_uid
. The fields are configurable through the
HybridAuthAuthenticate
authenticator.
CREATE TABLE IF NOT EXISTS `users` (
`id` int(11) NOT NULL AUTO_INCREMENT,
`email` varchar(200) NOT NULL,
`password` varchar(200) NOT NULL,
`name` varchar(200) NOT NULL,
`provider` varchar(100) NOT NULL,
`provider_uid` varchar(255) NOT NULL,
`created` datetime DEFAULT NULL,
`modified` datetime DEFAULT NULL,
PRIMARY KEY (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=utf8 ;
Check the CakePHP manual on how to configure and use the AuthComponent
with
required authenticator. You would have something like this in your AppController
's initialize
method.
$this->loadComponent('Auth', [
'authenticate' => [
'Form',
'ADmad/HybridAuth.HybridAuth'
]
]);
Your controller's login action should be similar to this:
public function login() {
if ($this->request->is('post')) {
$user = $this->Auth->identify();
if ($user) {
$this->Auth->setUser($user);
return $this->redirect($this->Auth->redirectUrl());
}
$this->Flash->error(__('Invalid username or password, try again'));
}
}
Note: When your action calls $this->Auth->identify() the method may not return. The authenticator may need to redirect to the provider's site to complete the identification procedure. It's important not to implement any important business logic that depends upon the identify() method returning.
An eg. element Template/Element/login.ctp
showing how to setup the login page
form is provided. Checkout the various
examples
in hybridauth documentation to see various ways to setup your login page.
Once a user is authenticated through the provider the authenticator gets the user
profile from the identity provider and using that tries to find the corresponding
user record in your app's users table. If no user is found and registrationCallback
option is specified the specified method from the User
model is called. You
can use the callback to save user record to database.
If no callback is specified the profile returned by identity provider itself is returned by the authenticator.
Copyright 2015 ADmad