We now have a functioning CRUD application. Bake should have setup all the relations we need, if not add them in now. There are a few other pieces that need to be added before we can add the Auth and Acl components. First add a login and logout action to your UsersController.

function login() {
    //Auth Magic
}
 
function logout() {
    //Leave empty for now.
}

1. function login() {
2. //Auth Magic
3. }
5. function logout() {
6. //Leave empty for now.
7. }

We don't need to worry about adding anything to hash passwords, as AuthComponent will do this for us automatically when creating/editing users, and when they login, once configured properly. Furthermore, if you hash incoming passwords manually AuthComponent will not be able to log you in at all. As it will hash them again, and they will not match.

Next we need to make some modifications to AppController. If you dont' have an app_controller.php or an AppController make one now in app/app_controller.php. Since we want our entire site controlled with Auth and Acl, we will set them up in our AppController. Add the following to AppController:

var $components = array('Acl', 'Auth');
 
function beforeFilter() {
    //Configure AuthComponent
    $this->Auth->authorize = 'actions';
    $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
    $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
    $this->Auth->loginRedirect = array('controller' => 'posts', 'action' => 'add');
}

1. var $components = array('Acl', 'Auth');
3. function beforeFilter() {
4. //Configure AuthComponent
5. $this->Auth->authorize = 'actions';
6. $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
7. $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login');
8. $this->Auth->loginRedirect = array('controller' => 'posts', 'action' => 'add');
9. }

Before we set up the ACL at all we will need to add some users and groups. With AuthComponent in use we will not be able to access any of our actions, as we are not logged in. We will now add some exceptions so AuthComponent will allow us to create some groups and users. In both your GroupsController and your UsersController Add the following.

function beforeFilter() {
    parent::beforeFilter(); 
    $this->Auth->allowedActions = array('*');
}

1. function beforeFilter() {
2. parent::beforeFilter();
3. $this->Auth->allowedActions = array('*');
4. }

These statements tell AuthComponent to allow public access to all actions. This is only temporary and will be removed once we get a few users and groups into our database. Don't add any users or groups just yet though.