Tried environments? https://github.com/OctoBear/cakephp-environments
On Thu, Nov 28, 2013 at 5:47 PM, Advantage+ <movepix...@gmail.com> wrote: > I want to say mode= production so no access but login > > > > And not go thru every controller and deny() that’s what I am asking. > Nothing to do with ajax > > > > > > > > *Dave Maharaj* > > *Freelance Designer | Developer* > [image: Description: header_logo] > www.movepixels.com | d...@movepixels.com | 709.800.0852 > > > > *From:* cake-php@googlegroups.com [mailto:cake-php@googlegroups.com] *On > Behalf Of *Reuben > *Sent:* Thursday, November 28, 2013 12:53 AM > *To:* cake-php@googlegroups.com > *Subject:* Re: Production and Development Environment > > > > I'm assuming that's some sort of Ajax API that you're doing? > > > > You could make your Javascript aware that it's in a development > environment, and pass the Authorization token, as per > http://coderseye.com/2007/how-to-do-http-basic-auth-in-ajax.html. > > > > If you're using jQuery.ajax, you can pass the username and password for > Basic Authentication, but that leaves you a bit open. Also, it only sends > the info when challenged with a 401, so explicit header setting might be > your only option. [ > http://stackoverflow.com/questions/5507234/how-to-use-basic-auth-and-jquery-and-ajax > ] > > > > You could update the programming to only require authentication for > non-ajax requests, but that might be defeating the purposes as well. > > > > Of course, I'm assuming that your application would normally use Form > authorization in production, but you've got the added layer of Basic > authentication in development. > > > > This issue should only happen when calling the API from a different > domain. If the browser that is already authorized, is calling the APIs on > the same domain, then the Authorization token <b>should</b> be sent > automatically. I'm emphasizing that "should", because it would just seem > screwy if it didn't. > > On Thursday, 28 November 2013 09:48:42 UTC+10, advantage+ wrote: > > Building a site on client's server and password protected but now adding > in API functionality and the htaccess is blocking responses back from the > API calls since they can't reach the site. > > > > Is there a simply way to define production / development to allow access > without password protecting the site. > > I do not want to go thru all 65 controllers and re-code $this->Auth->deny() > / allow();. > > > > Thanks > > > > *Dave* > > > > -- > Like Us on FaceBook https://www.facebook.com/CakePHP > Find us on Twitter http://twitter.com/CakePHP > > --- > You received this message because you are subscribed to the Google Groups > "CakePHP" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cake-php+unsubscr...@googlegroups.com. > To post to this group, send email to cake-php@googlegroups.com. > Visit this group at http://groups.google.com/group/cake-php. > For more options, visit https://groups.google.com/groups/opt_out. > > -- > Like Us on FaceBook https://www.facebook.com/CakePHP > Find us on Twitter http://twitter.com/CakePHP > > --- > You received this message because you are subscribed to the Google Groups > "CakePHP" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to cake-php+unsubscr...@googlegroups.com. > To post to this group, send email to cake-php@googlegroups.com. > Visit this group at http://groups.google.com/group/cake-php. > For more options, visit https://groups.google.com/groups/opt_out. > -- Simon Males -- Like Us on FaceBook https://www.facebook.com/CakePHP Find us on Twitter http://twitter.com/CakePHP --- You received this message because you are subscribed to the Google Groups "CakePHP" group. To unsubscribe from this group and stop receiving emails from it, send an email to cake-php+unsubscr...@googlegroups.com. To post to this group, send email to cake-php@googlegroups.com. Visit this group at http://groups.google.com/group/cake-php. For more options, visit https://groups.google.com/groups/opt_out.
<<image001.jpg>>
