I was creating an AJAX based application in cakePHP 1.3, and I decided to move to CakePHP 2.0. Now restricted actions called by ajax no longer return a 403 error when not logged in. I used this to alert my user that he needs to re-log in. How can I make sure CakePHP returns a 403 when not logged in?
Cake 2.0 has a built-in exception class for 403s.
exception ForbiddenException
Used for doing a 403 Forbidden error.
Use it like such:
function view() {
if ( !MyLoginVerificationFunction() ) {
throw new ForbiddenException();
}
...
}