In this tutorial, you will learn how to make a login and registration system using CakePHP 3 and Auth component. I had made in previous tutorial simple CRUD system in CakePHP3 where you can add, get, delete and update topics. I will improve it to have a restriction that no one can add or edit without login as a registered user. It is very important in ecommerce or login based website to store the user information for further use. Here we will show both login and registration in cakephp3.

(You can also read : Download Login Form in PHP and Mysql)

First step :

App database has two tables :

users table where we store registered users data.

Create topics table it saves users’ topics.

Step2 : Create the models :

Create TopicsTable.php in \model\Table\ path. As many topics can be written by a user, we will associate the two tables ; Topics and Users  using CakePHP associations. So, in TopicsTable class we will use belongsTo relation .It means that many topics have one user.

isOwnedBy() method checks if a topic with specific id has the given $userId parameter value in user_id field .We will use it in authorizing to prevent unauthorized people from editing or deleting others topics .

Create UsersTable.php in \model\Table\ path. We will add a hasMany relation between UsersTable and TopicsTable. It means that one user can have many topics.

buildRules() function returns a rules checker object . It is used  for validating data. I used it her to check if email is unique.

Step 3 : Create the controllers :

Change the AppControllerclass to load AuthComponent. AuthComponent is a CakePHP class that control login, actions allowed for unauthenticated visitors , and authorizing users to their allowed actions.

You can configure Auth component by using config arrays.

We will make authenticating by ‘email’ and ‘password’ fields. The action of login will be ‘users/login’. If any user goes to edit oradds topics without logging in, he will be redirected to that action to login first.

When user logout, he will be redirected to ‘topics/index’ action. We will allow visitors without authentication to visit index and view actions .

isAuthorized() method is used in restricting the topics access .It will work with isAuthorized() method in controllers to allow authorized users and prevent others.

Create UsersContoller.php in \Controller\ path.

loginaction allows users to login. It uses Auth component to identify users by login request data.
setUser() method : saves registered user data  in Auth component.

logout action : logged-in user logout using Auth component, then redirected to ‘logoutRedirect’ specified in Auth component.

Create TopicsContoller class in /Contoller/ path

isAuthorized() function check which user can do what or cannot.

Step 4 : create views :

In /Templates/ path create ‘/Templates/Topics’ folder . Inside it create :index.ctp, view.ctp, add.ctp, and edit.ctp





/Templates/Topics/edit.ctpIn /Templates/ path create ‘/Templates/Users’ folder . Inside it create :login.ctp, index.ctp, view.ctp, add.ctp, and edit.ctp




At the end of this article, you have learnt how Auth component work, Login &Registration in CakePHP, and authorization in CakePHP. This tutorial needs concentration to grasp it. Read, write your app and feel free to write in comment section.