Download the PHP package admad/cakephp-hybridauth without Composer
On this page you can find all versions of the php package admad/cakephp-hybridauth. It is possible to download/install these versions without Composer. Possible dependencies are resolved automatically.
Download admad/cakephp-hybridauth
More information about admad/cakephp-hybridauth
Files in admad/cakephp-hybridauth
Package cakephp-hybridauth
Short Description A CakePHP plugin for using the HybridAuth social sign on library
License MIT
Homepage http://github.com/ADmad/CakePHP-HybridAuth
Informations about the package cakephp-hybridauth
If you are using CakePHP 3.4+ checkout my ADmad/cakephp-social-auth instead.
CakePHP HybridAuth Plugin
A CakePHP plugin which allows using the HybridAuth social sign on library.
Requirements
- CakePHP 3.1+.
Installation
Run:
Setup
Load the plugin by running following command in terminal:
or by manually adding following line to your app's config/bootstrap.php
:
Configuration
Make a config file config/hybridauth.php
:
For more information about the hybridauth configuration array check http://hybridauth.github.io/hybridauth/userguide/Configuration.html
Database
The plugin expects that you have a users table with at least email
field
and a social_profiles
table. You can run
to generate the social_profiles
tabel using a migration file provided with
the plugin.
Usage
Check the CakePHP manual on how to configure and use the AuthComponent
with
required authentication handler. You would have something like this in your
AppController
's initialize()
method.
Note: When specifying loginRedirect
and loginAction
URLs for AuthComponent be sure to add
'plugin' => false
(or appropiate plugin name) to the URL array.
Your controller's login action should be similar to this:
Note: When your action calls $this->Auth->identify()
the method may not return.
The authenticator may need to redirect to the provider's site to complete the
identification procedure. It's important not to implement any important business
logic that depends upon the identify()
method returning.
On your login page you can create links to initiate authentication using required
providers. Specify the provider name using variable named provider
in query string.
We use a POST link here instead of a normal link to prevent search bots and other crawlers from following the link. (Adding "nofollow" attribute to link doesn't suffice as it's often ignored by bots/crawlers.)
Once a user is authenticated through the provider the authenticator gets the user
profile from the identity provider and using that tries to find the corresponding
user record in your app's users table. If no user is found emits a HybridAuth.newUser
event. You must setup a listener for this event which save new user record to
your users table and return an entity for the new user. Here's how you can setup
a method of your UsersTable
as callback for the event.
If you also want to monitor all logins - and execute e.g. a login counter - you can listen for the HybridAuth.login
event.
Additionally, you can also get a flash message for login back using the HybridAuth.login
event:
Twitter & email addresses
If you are trying to achieve a 'Sign in using Twitter' functionality, and you require the users email address, you need to specifically get your application white-listed by Twitter Support using this form and selecting 'I need access to special permissions'. Then you can use the 'includeEmail' => true
configuration option.
Copyright
Copyright 2016 ADmad
License
See LICENSE