Auth->authenticate = array( * 'Form' => array( * 'scope' => array('User.active' => 1) * ) * ) * }}} * * When configuring FormAuthenticate you can pass in settings to which fields, model and additional conditions * are used. See FormAuthenticate::$settings for more information. * * @package Cake.Controller.Component.Auth * @since 2.0 * @see AuthComponent::$authenticate */ class FormAuthenticate extends BaseAuthenticate { /** * Checks the fields to ensure they are supplied. * * @param CakeRequest $request The request that contains login information. * @param string $model The model used for login verification. * @param array $fields The fields to be checked. * @return boolean False if the fields have not been supplied. True if they exist. */ protected function _checkFields(CakeRequest $request, $model, $fields) { if (empty($request->data[$model])) { return false; } if ( empty($request->data[$model][$fields['username']]) || empty($request->data[$model][$fields['password']]) ) { return false; } return true; } /** * Authenticates the identity contained in a request. Will use the `settings.userModel`, and `settings.fields` * to find POST data that is used to find a matching record in the `settings.userModel`. Will return false if * there is no post data, either username or password is missing, of if the scope conditions have not been met. * * @param CakeRequest $request The request that contains login information. * @param CakeResponse $response Unused response object. * @return mixed. False on login failure. An array of User data on success. */ public function authenticate(CakeRequest $request, CakeResponse $response) { $userModel = $this->settings['userModel']; list($plugin, $model) = pluginSplit($userModel); $fields = $this->settings['fields']; if (!$this->_checkFields($request, $model, $fields)) { return false; } return $this->_findUser( $request->data[$model][$fields['username']], $request->data[$model][$fields['password']] ); } }