Docs.

Author: dereuromark

docs/en/authenticators.rst

@@ -37,14 +37,24 @@ It also helps to avoid session invalidation.
 Session itself stores the entity object including nested objects like DateTime or enums.
 With only the ID stored, the invalidation due to objects being modified will also dissolve.
 
-Make sure to match this with a Token identifier with ``id`` keys:
+Make sure to match this with a Token identifier with ``key``/``id`` keys::
 
     $service->loadIdentifier('Authentication.Token', [
-        'tokenField' => 'id',
-        'dataField' => 'id',
+        'tokenField' => 'id', // lookup for DB table
+        'dataField' => 'key', // incoming data
         'resolver' => 'Authentication.Orm',
     ]);
 
+    $service->loadAuthenticator('Authentication.PrimaryKeySession', [
+        'urlChecker' => 'Authentication.CakeRouter',
+        'loginUrl' => [
+            'prefix' => false,
+            'plugin' => false,
+            'controller' => 'Users',
+            'action' => 'login',
+        ],
+    ]);
+
 Form
 ====
 

docs/en/url-checkers.rst

@@ -2,7 +2,7 @@ URL Checkers
 ############
 
 To provide an abstract and framework agnostic solution there are URL
-checkers implemented that allow you to customize the comparision of the
+checkers implemented that allow you to customize the comparison of the
 current URL if needed. For example to another frameworks routing.
 
 Included Checkers
@@ -24,11 +24,24 @@ Options:
 CakeRouterUrlChecker
 --------------------
 
-Options:
-
 Use this checker if you want to use the array notation of CakePHPs
 routing system. The checker also works with named routes.
 
+    $service->loadAuthenticator('Authentication.Form', [
+        'urlChecker' => 'Authentication.CakeRouter',
+        'fields' => [
+            AbstractIdentifier::CREDENTIAL_USERNAME => 'email',
+            AbstractIdentifier::CREDENTIAL_PASSWORD => 'password',
+        ],
+        'loginUrl' => [
+            'prefix' => false,
+            'plugin' => false,
+            'controller' => 'Users',
+            'action' => 'login',
+        ],
+    ]);
+
+Options:
 -  **checkFullUrl**: To compare the full URL, including protocol, host
    and port or not. Default is ``false``
 

src/Authenticator/PrimaryKeySessionAuthenticator.php

@@ -4,6 +4,7 @@
 namespace Authentication\Authenticator;
 
 use ArrayAccess;
+use Authentication\Identifier\IdentifierInterface;
 use Cake\Http\Exception\UnauthorizedException;
 use Psr\Http\Message\ResponseInterface;
 use Psr\Http\Message\ServerRequestInterface;
@@ -13,6 +14,20 @@
  */
 class PrimaryKeySessionAuthenticator extends SessionAuthenticator
 {
+    /**
+     * @param \Authentication\Identifier\IdentifierInterface $identifier
+     * @param array<string, mixed> $config
+     */
+    public function __construct(IdentifierInterface $identifier, array $config = [])
+    {
+        $config += [
+            'identifierKey' => 'key',
+            'idField' => 'id',
+        ];
+
+        parent::__construct($identifier, $config);
+    }
+
     /**
      * Authenticate a user using session data.
      *
@@ -30,7 +45,7 @@ public function authenticate(ServerRequestInterface $request): ResultInterface
             return new Result(null, Result::FAILURE_IDENTITY_NOT_FOUND);
         }
 
-        $user = $this->_identifier->identify(['id' => $userId]);
+        $user = $this->_identifier->identify([$this->getConfig('identifierKey') => $userId]);
         if (!$user) {
             return new Result(null, Result::FAILURE_IDENTITY_NOT_FOUND);
         }
@@ -49,7 +64,7 @@ public function persistIdentity(ServerRequestInterface $request, ResponseInterfa
 
         if (!$session->check($sessionKey)) {
             $session->renew();
-            $session->write($sessionKey, $identity['id']);
+            $session->write($sessionKey, $identity[$this->getConfig('idField')]);
         }
 
         return [
@@ -83,8 +98,8 @@ public function impersonate(
                 'Stop the current impersonation before impersonating another user.',
             );
         }
-        $session->write($impersonateSessionKey, $impersonator['id']);
-        $session->write($sessionKey, $impersonated['id']);
+        $session->write($impersonateSessionKey, $impersonator[$this->getConfig('idField')]);
+        $session->write($sessionKey, $impersonated[$this->getConfig('idField')]);
         $this->setConfig('identify', true);
 
         return [

tests/TestCase/Authenticator/PrimaryKeySessionAuthenticatorTest.php

@@ -84,7 +84,7 @@ public function testAuthenticateSuccess()
         $this->identifiers = new IdentifierCollection([
             'Authentication.Token' => [
                 'tokenField' => 'id',
-                'dataField' => 'id',
+                'dataField' => 'key',
                 'resolver' => [
                     'className' => 'Authentication.Orm',
                     'userModel' => 'AuthUsers',
@@ -121,7 +121,7 @@ public function testAuthenticateSuccessCustomFinder()
         $this->identifiers = new IdentifierCollection([
             'Authentication.Token' => [
                 'tokenField' => 'id',
-                'dataField' => 'id',
+                'dataField' => 'key',
                 'resolver' => [
                     'className' => 'Authentication.Orm',
                     'userModel' => 'AuthUsers',