CakePHP 2.4.5 Auth - isAuthorized not being called

Question

This may be a repeated question but I have gone through all the other answers and none of them worked for me :(

The following is my code in AppController:

public $components = array(
    'Auth',
    'Session'
);

public function beforeFilter() {
    $this->Auth->authorize = 'Controller';
    $this->Auth->authenticate = array(
        'Form' => array(
            'fields' => array('username' => 'email', 'password' => 'password'),
            'scope' => array('User.active' => 1),
            'passwordHasher' => 'Blowfish'
        )
    );
}

public function isAuthorized($user) {
    debug($this->request->params);
    exit;
}

I am not overriding beforeFilter or isAuthorized function in any of the other controllers. No matter what page I open its not calling the isAuthorized function and taking me to the login page. Please Help!

Answer 1

Authorization checks are only made after successful authentication, see AuthComponent::startup().

public function startup(Controller $controller) {
    // ...

    // authenticate first 
    if (!$this->_getUser()) {
        return $this->_unauthenticated($controller);
    }

    // then authorize
    if ($this->_isLoginAction($controller) ||
        empty($this->authorize) ||
        $this->isAuthorized($this->user())
    ) {
        return true;
    }

    // ...
}

So the solution should probably be to log in first.