在CakePHP 2.0之前,你可以允許用戶通過停止autoRedirect,然後在你的數據庫的用戶名數據的電子郵件列比較使用他們的電子郵件地址登錄(顯然蛋糕然後可以回退到用戶名檢查,如果不是電子郵件)。登錄在CakePHP的2.0版的電子郵件地址或用戶名
在CakePHP 2.0這種情況已經改變,你登錄使用$this->Auth->login()
我的問題是我怎麼得到這個工作2.0手動?我有一些非常複雜的代碼,可以處理各種各樣的事情,例如處理ajax和回發請求,如果用戶嘗試登錄太多次時鎖定賬戶等,所以它非常長!
正如您將看到的那樣,我將檢查帳戶是否實際存在,以便在通過身份驗證過程前可以顯示未找到的帳戶消息(如果出現此情況,還可以使用此功能鎖定該用戶的帳戶)嘗試。
這裏的主要問題是允許系統檢查用戶名和電子郵件地址以進行身份驗證,如果您使用電子郵件地址進行驗證,系統就會鎖定用戶,但它會始終因爲身份驗證無法處理它而失敗。
希望有人能幫助,提供意見建議。由於
if ($this->request->is('post'))
{
$opts = array(
'conditions'=>array(
'OR'=>array(
'User.username'=>$this->data['User']['username'],
'User.email'=>$this->data['User']['username']
)
)
);
$user = $this->User->find('first', $opts);
if(!empty($user))
{
if($user['User']['status'] == 0)
{
if($this->request->is('ajax'))
{
$this->autoRender = false;
echo json_encode(array('authenticated'=>false,'error'=>__('Sorry your account is currently locked. Please reset your password.?')));
}
else
{
$this->Session->setFlash(__('Sorry your account is currently locked. Please reset your password.'), 'default', array(), 'auth');
}
}
else
{
if ($this->Auth->login())
{
if ($this->request->is('ajax'))
{
$this->autoRender = false;
if(isset($this->params['url']['continue']))
{
$pathtoredirect = $this->UrlEncode->base64url_decode($this->params['url']['continue']);
echo json_encode(array('authenticated'=>true,'redirect'=>$pathtoredirect,'base'=>false));
}
else
{
$pathtoredirect = $this->Auth->redirect();
echo json_encode(array('authenticated'=>true,'redirect'=>$pathtoredirect,'base'=>true));
}
}
else
{
if(isset($this->params['url']['continue']))
{
$pathtoredirect = $this->UrlEncode->base64url_decode($this->params['url']['continue']);
}
else
{
$pathtoredirect = $this->Auth->redirect();
}
return $this->redirect($pathtoredirect);
}
}
else
{
if($this->Session->read('attempts'))
{
$attempts = $this->Session->read('attempts') + 1;
}
else
{
$attempts = 1;
}
$this->Session->write('attempts', $attempts);
if($attempts >= 5)
{
$this->User->id = $user['User']['id'];
$this->User->saveField('status', 0);
if ($this->request->is('ajax'))
{
$this->autoRender = false;
echo json_encode(array('authenticated'=>false,'error'=>__('Username or password is incorrect. For security reasons this account has now been locked and you must reset your password to unlock it.')));
}
else
{
$this->Session->setFlash(__('Username or password is incorrect. For security reasons this account has now been locked and you must reset your password to unlock it.'), 'default', array(), 'auth');
}
}
else
{
if ($this->request->is('ajax'))
{
$this->autoRender = false;
echo json_encode(array('authenticated'=>false,'error'=>__('Username or password is incorrect')));
}
else
{
$this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
}
}
}
}
}
else
{
if ($this->request->is('ajax'))
{
$this->autoRender = false;
echo json_encode(array('authenticated'=>false,'error'=>__('Sorry that account does not exist.')));
}
else
{
$this->Session->setFlash(__('Sorry that account does not exist.'), 'default', array(), 'auth');
}
}
}
不是查詢數據庫或者用戶名= userInput或電子郵件= userInput爲什麼不使用正則表達式來確定他們是否已經輸入的字符串是一個有效的電子郵件地址,檢查電子郵件,如果是的話,用戶名,如果它沒有。 – CBusBus 2012-01-16 00:14:09
是的,但我如何使用2.0中的'$ this-> Auth-> login()'來做到這一點? – Cameron 2012-01-16 00:20:07
所以 - 長短期問題,你希望用戶能夠用單場登錄,但你要檢查它對陣雙方的用戶名域,並使用Cake的驗證組件在電子郵件領域 - 對嗎? – Dave 2012-01-16 03:55:05