I want to achieve something like below scenario mention in CakePHP 1.3.8 a latest version:
- Ask for
Username / Password
or directly ask forSecret Keyword
- If correct, ask for
Secret Keyword
- If correct, access more
details of website
- If wrong,
don't allow
any further access
There is Auth
component into CakePHP for authentication like username/password
however I want to implement this extra step of Secret Keyword
to access information which should b开发者_高级运维e stored in somefile, encrypted way
or some other better way you suggest in a single computer
usage only.
Any ideas would be appreciated.
Thanks !
I typically turn off autoRedirect
so I can do extra stuff in my login
method. I typically don't do this much work, but you can probably repurpose accordingly by, after authentication is complete/successful. It's not a complete answer, nor is the following a complete code snippet for your requirement, but it may be enough to get you started.
/** Logging in and authenticated */
if ( !empty( $this->data ) && $this->Auth->user() ) {
$this->User->id = $this->Auth->user( 'id' );
$this->set_user_type();
$this->User->saveField( 'last_login', date( 'Y-m-d H:i:s' ) );
if( $this->User->has_building( $this->Auth->User('id') ) ) {
$this->redirect( array( 'controller' => 'buildings', 'action' => 'incentives' ) );
}
else {
$this->redirect( $this->Auth->redirect() );
}
}
This is a snippet from one of my own projects. In your case, you might look for a secret key value next. If that doesn't exist, drop into a view to retrieve that and submit back to this same method. On the second pass, if the user is authenticated and the secret key is passed and exists, then redirect as required. If the secret key is wrong, then de-authenticate the user and redirect.
Like I said, not a complete answer and a very simple look at a hard problem, but hopefully it helps you get started.
精彩评论