I have followed the authentication tutorial in the cakephp documentation and created a working login system.

One thing I’m trying to do is have the user redirected to the action they were trying to access initially when not logged in, after they complete login.

I believe the page they were visiting is supposed to be written to Auth.redirect within the session by the startup function in the Auth component, however this doesn’t appear to be working.

In my users controller I have added the following to the beforefilter:

$this->Auth->allow('add', 'login');

Therefore when trying to access the edit action I’m redirected automatically to the login action.

In the login action, I’ve included:

debug($this->Session->read());
debug($this->referer());

This is outputting the session information, and in this session there is no mention of Auth.redirect so neither the Auth function or myself is unable to use this to redirect the user with.

I’ve tried using $this->referer but for some reason when being redirected automatically by the auth function the referer isn’t being tracked either.

Does anyone know a reason why auth.redirect might not be being written and why $this->referer isn’t being populated when redirected by the auth function?

I must note I am on a windows machine using WAMP. However my add action redirects to login after success and debug($this->referer()); picks up the redirect URL when this occurs so the headers must be working fine.

Further Notes:

I’ve identified the issue with CakePHP by looking through the sessions stored in the database.

It seems that the auth.redirect is stored in the session, however for some reason a new session is generated when the user is redirected clearing the previous data.

Is there anyway to stop CakePHP creating new session ids for users?