From 8dc3721d7dc7fdadb725497f29e8bc3eaceb5523 Mon Sep 17 00:00:00 2001
From: mscherer <dereuromark@web.de>
Date: Mon, 9 Feb 2026 20:58:30 +0100
Subject: [PATCH] Fix Authentication plugin v4 tutorial corrections

- Use PasswordIdentifier instead of AbstractIdentifier (constants moved in v4)
- Fix identifier config format: use className key instead of nested array
- Split all code-groups into separate blocks for clarity (sequential steps, not choices)
- Restore // [!code ++] annotation for middleware line
- Add file path comments to code blocks for context
---
 .../cms/authentication.md                     | 37 +++++++++----------
 1 file changed, 17 insertions(+), 20 deletions(-)

diff --git a/docs/en/tutorials-and-examples/cms/authentication.md b/docs/en/tutorials-and-examples/cms/authentication.md
index 7ed981f752..eb53cd73c5 100644
--- a/docs/en/tutorials-and-examples/cms/authentication.md
+++ b/docs/en/tutorials-and-examples/cms/authentication.md
@@ -45,7 +45,7 @@ Because we want to hash the password each time it is set, we'll use a mutator/se
 CakePHP will call a convention based setter method any time a property is set in one of your
 entities. Let's add a setter for the password in **src/Model/Entity/User.php**:
 
-```php {3,12-18}
+```php {4,12-18}
 <?php
 namespace App\Model\Entity;
 
@@ -109,7 +109,7 @@ In **src/Application.php**, add the following imports:
 use Authentication\AuthenticationService;
 use Authentication\AuthenticationServiceInterface;
 use Authentication\AuthenticationServiceProviderInterface;
-use Authentication\Identifier\AbstractIdentifier;
+use Authentication\Identifier\PasswordIdentifier;
 use Authentication\Middleware\AuthenticationMiddleware;
 use Psr\Http\Message\ServerRequestInterface;
 ```
@@ -123,11 +123,9 @@ class Application extends BaseApplication
 {
 ```
 
-Then add the following methods:
+Then add the following to your `middleware()` method:
 
-::: code-group
-
-```php [middleware()]
+```php
 // src/Application.php
 public function middleware(MiddlewareQueue $middlewareQueue): MiddlewareQueue
 {
@@ -142,7 +140,9 @@ public function middleware(MiddlewareQueue $middlewareQueue): MiddlewareQueue
 }
 ```
 
-```php [getAuthenticationService()]
+Next, add the `getAuthenticationService()` method:
+
+```php
 // src/Application.php
 public function getAuthenticationService(ServerRequestInterface $request): AuthenticationServiceInterface
 {
@@ -160,8 +160,8 @@ public function getAuthenticationService(ServerRequestInterface $request): Authe
     ]);
 
     $fields = [
-        AbstractIdentifier::CREDENTIAL_USERNAME => 'email',
-        AbstractIdentifier::CREDENTIAL_PASSWORD => 'password',
+        PasswordIdentifier::CREDENTIAL_USERNAME => 'email',
+        PasswordIdentifier::CREDENTIAL_PASSWORD => 'password',
     ];
 
     // Load the authenticators. Session should be first.
@@ -175,9 +175,8 @@ public function getAuthenticationService(ServerRequestInterface $request): Authe
             'action' => 'login',
         ],
         'identifier' => [
-            'Authentication.Password' => [
-                'fields' => $fields,
-            ],
+            'className' => 'Authentication.Password',
+            'fields' => $fields,
         ],
     ]);
 
@@ -185,8 +184,6 @@ public function getAuthenticationService(ServerRequestInterface $request): Authe
 }
 ```
 
-:::
-
 ### Configuring the AppController
 
 In your `AppController` class add the following code:
@@ -232,9 +229,8 @@ If you visit your site, you'll get an "infinite redirect loop" so let's fix that
 
 In your `UsersController`, add the following code:
 
-::: code-group
-
-```php [UsersController.php]
+```php
+// src/Controller/UsersController.php
 public function beforeFilter(\Cake\Event\EventInterface $event): void
 {
     parent::beforeFilter($event);
@@ -260,7 +256,10 @@ public function login()
 }
 ```
 
-```php [templates/Users/login.php]
+Next, add the template for your login action:
+
+```php
+<!-- templates/Users/login.php -->
 <div class="users form content">
     <?= $this->Flash->render() ?>
     <h3>Login</h3>
@@ -277,8 +276,6 @@ public function login()
 </div>
 ```
 
-:::
-
 Now the login page will allow us to correctly login into the application.
 Test it by requesting any page of your site. After being redirected
 to the `/users/login` page, enter the email and password you