2
votes

I am working on a jQuery Mobile App which needs to authenticate a user via a form to a website which is build with CakePHP 1.3 The Authentification process is handled via the standard CakePHP Auth component.

If I use JSON CakePHP detects that a XMLHttpRequest has been sent through the request headers. If a user is not logged in CakePHP returns "ERROR 403: Forbidden.", which is perfect.

But I have to use JSONP (for cross domain posts) to submit the credentials, this means that XMLHttpRequest headers are NOT sent. If a user is not logged in, CakePHP returns the HTML code of the login.ctp view which is not very usefull in an ajax context.

Instead I like to receive a kind of JSON Object, like

jQuery16405332830320302397_1328263230862({
    "success" : false, 
    "errorcode" : 401, 
    "errormessage" : "User not authenticated"
})

Is there a "Cake" way to make the CakePHP Auth Component handle JSONP requests?

1

1 Answers

0
votes

I faced the similar problem. In my case API had format: http://example.com/action.json. I bypasses the auth for quick workout, but you can write your logic to generate the response.

public function beforeFilter() {
        $methods = array('action1','action2');
         if (in_array($this->action, $methods) &&
        isset($this->params['ext']) && $this->params['ext'] == 'json'
    ) {
        /* **************************************************
         * //Your logic here
         * //For example,in my case I allowed all json request:
         * $this->Auth->allow($this->action, 'login','add');
         ***************************************************/
    }

    }

This may be a better solution but this worked for me.