[FIXED] Forbidden Error In JavaScript Ajax Call in CakePHP 3

Issue

I have Seen Similar Questions but I could not arrive at the solution. Please help on this code, I am new to javascript

My JavaScript Code :

function checkId(id_corpus){

  var dataSet = {identity_number: id_corpus};
  var requestUrl = appBaseUrl+'users/check-id-presence';
  alert(id_corpus);
   $.ajax({
      type: "POST",
      url: requestUrl,
      data: dataSet,
      success: function(result) {
          if(result == false){
              $('#ino').css('background-color', 'red');
              $('#ino').css('color', 'black');
            }

      },
      error: function(jqXHR, textStatus, errorThrown) {
          console.log(textStatus, errorThrown);
      }
  });
  }

The Above JS code is called by the following CakePHP view:

$this->Form->input('identity_number', ['style' => 'background-color : black; color : #1798A5;', 'id' => 'ino', 'onkeypress' => 'checkId(this.val)']);

Following is the controller code

public function checkIdPresence()
     {
       $this->autoRender = false;
       $id_corpus = $this->request->data['identity_number'];
       $check = $this->Users->find()->where(['identity_number LIKE' => '%'.$id_corpus.'%']);
       if((iterator_count($check)) > 0){
         echo false; //Corpus Exists

     }else{

       echo true;
   }
}

I am stuck in the "Forbidden Error", I would like to bring it to your notice that similar AJAX is being used by me for Image display(as shown below), it is not showing any error:

    function fetch(user_id, photo, photo_dir)
{


  var dataSet = {id: user_id};
  var requestUrl = appBaseUrl+'users/admin-side-nav-details';
  var imageUrl = 'http://localhost/media/images/users/photo/'+photo_dir+'/'+'100x100_'+photo;
   $.ajax({
      type: "POST",
      url: requestUrl,
      data: dataSet,
      success: function(result) {
              $('#display_info').html(result);
              var image = "<img src ="+imageUrl+" />"
              console.log(image);
              $('#display_image').html(image);

      },
      error: function(jqXHR, textStatus, errorThrown) {
          console.log(textStatus, errorThrown);
      }
  });
}

EDIT: My Auth Component setup :

public function initialize()
  {
  $this->loadComponent('Auth', [
          'authenticate' => [
            'Form' => [
              'fields' => ['username' => 'email', 'password' => 'password']
            ]
          ],
          'loginAction' => [
              'controller' => 'Users',
              'action' => 'login',
          ],
          'authError' => 'Are you sure, you want to enter?',
          'logoutAction' => [
            'controller' => 'Users',
            'action' => 'login',
          ],
        ]);

Solution

Check https://book.cakephp.org/3.0/en/controllers/components/authentication.html#handling-unauthenticated-requests. "If authenticator returns null, AuthComponent redirects user to the login action. If it’s an AJAX request and config ajaxLogin is specified that element is rendered else a 403 HTTP status code is returned."

It seems to me like you didn't specify any authorization scheme so according to https://book.cakephp.org/3.0/en/controllers/components/authentication.html#using-no-authorization "If you don’t use an authorization scheme, make sure to check authorization yourself in your controller’s beforeFilter or with another component."

You can make actions public (in beforeFilter or initialize) using:

// Allow all actions
$this->Auth->allow();

// Allow only the index action.
$this->Auth->allow('index');

// Allow only the view and index actions.
$this->Auth->allow(['view', 'index']);

Answered By - BSounder