1. 首頁
  2. 問答
  3. 登錄在CakePHP的2.0版的電子郵件地址或用戶名

登錄在CakePHP的2.0版的電子郵件地址或用戶名

2012-01-15 94 views
0

在CakePHP 2.0之前,你可以允許用戶通過停止autoRedirect,然後在你的數據庫的用戶名數據的電子郵件列比較使用他們的電子郵件地址登錄(顯然蛋糕然後可以回退到用戶名檢查,如果不是電子郵件)。登錄在CakePHP的2.0版的電子郵件地址或用戶名

在CakePHP 2.0這種情況已經改變,你登錄使用$this->Auth->login()

我的問題是我怎麼得到這個工作2.0手動?我有一些非常複雜的代碼,可以處理各種各樣的事情,例如處理ajax和回發請求,如果用戶嘗試登錄太多次時鎖定賬戶等,所以它非常長!

正如您將看到的那樣,我將檢查帳戶是否實際存在,以便在通過身份驗證過程前可以顯示未找到的帳戶消息(如果出現此情況,還可以使用此功能鎖定該用戶的帳戶)嘗試。

這裏的主要問題是允許系統檢查用戶名和電子郵件地址以進行身份​​驗證,如果您使用電子郵件地址進行驗證,系統就會鎖定用戶,但它會始終因爲身份驗證無法處理它而失敗。

希望有人能幫助,提供意見建議。由於

if ($this->request->is('post')) 
     {  
      $opts = array(
       'conditions'=>array(
        'OR'=>array(
         'User.username'=>$this->data['User']['username'], 
         'User.email'=>$this->data['User']['username'] 
        ) 
       ) 
      ); 

      $user = $this->User->find('first', $opts); 

      if(!empty($user)) 
      { 
       if($user['User']['status'] == 0) 
       { 
        if($this->request->is('ajax')) 
        { 
         $this->autoRender = false; 
         echo json_encode(array('authenticated'=>false,'error'=>__('Sorry your account is currently locked. Please reset your password.?'))); 
        } 
        else 
        { 
         $this->Session->setFlash(__('Sorry your account is currently locked. Please reset your password.'), 'default', array(), 'auth'); 
        } 
       } 
       else 
       { 
        if ($this->Auth->login()) 
        { 
         if ($this->request->is('ajax')) 
         { 
          $this->autoRender = false; 
          if(isset($this->params['url']['continue'])) 
          { 
           $pathtoredirect = $this->UrlEncode->base64url_decode($this->params['url']['continue']); 

           echo json_encode(array('authenticated'=>true,'redirect'=>$pathtoredirect,'base'=>false)); 
          } 
          else 
          { 
           $pathtoredirect = $this->Auth->redirect(); 

           echo json_encode(array('authenticated'=>true,'redirect'=>$pathtoredirect,'base'=>true)); 
          } 
         } 
         else 
         { 
          if(isset($this->params['url']['continue'])) 
          { 
           $pathtoredirect = $this->UrlEncode->base64url_decode($this->params['url']['continue']); 
          } 
          else 
          { 
           $pathtoredirect = $this->Auth->redirect(); 
          } 
          return $this->redirect($pathtoredirect); 
         }    
        } 
        else 
        {    
         if($this->Session->read('attempts')) 
         { 
          $attempts = $this->Session->read('attempts') + 1; 
         } 
         else 
         { 
          $attempts = 1; 
         } 

         $this->Session->write('attempts', $attempts); 

         if($attempts >= 5) 
         { 
          $this->User->id = $user['User']['id']; 
          $this->User->saveField('status', 0); 
          if ($this->request->is('ajax')) 
          { 
           $this->autoRender = false; 
           echo json_encode(array('authenticated'=>false,'error'=>__('Username or password is incorrect. For security reasons this account has now been locked and you must reset your password to unlock it.'))); 
          } 
          else 
          { 
           $this->Session->setFlash(__('Username or password is incorrect. For security reasons this account has now been locked and you must reset your password to unlock it.'), 'default', array(), 'auth'); 
          } 
         } 
         else 
         { 
          if ($this->request->is('ajax')) 
          { 
           $this->autoRender = false; 
           echo json_encode(array('authenticated'=>false,'error'=>__('Username or password is incorrect'))); 
          } 
          else 
          { 
           $this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth'); 
          } 
         } 
        } 
       } 
      } 
      else 
      { 
       if ($this->request->is('ajax')) 
       { 
        $this->autoRender = false; 
        echo json_encode(array('authenticated'=>false,'error'=>__('Sorry that account does not exist.'))); 
       } 
       else 
       { 
        $this->Session->setFlash(__('Sorry that account does not exist.'), 'default', array(), 'auth'); 
       } 
      } 
     }

來源

2012-01-15 Cameron

+0

不是查詢數據庫或者用戶名= userInput或電子郵件= userInput爲什麼不使用正則表達式來確定他們是否已經輸入的字符串是一個有效的電子郵件地址,檢查電子郵件,如果是的話,用戶名,如果它沒有。 – CBusBus 2012-01-16 00:14:09

+0

是的,但我如何使用2.0中的'$ this-> Auth-> login()'來做到這一點? – Cameron 2012-01-16 00:20:07

+0

所以 - 長短期問題,你希望用戶能夠用單場登錄,但你要檢查它對陣雙方的用戶名域,並使用Cake的驗證組件在電子郵件領域 - 對嗎? – Dave 2012-01-16 03:55:05

回答

3

我不知道,如果AuthComponent可配置爲自動檢查兩個領域,但這裏是一個另類:

/* 
* AppController 
*/ 
beforeFilter() 
{ 
    $this->Auth->authenticate = array('Form' => array('fields' => array('username' => 'email', 'password' => 'password'))); 
} 

/* 
* UsersController 
*/ 
function login() 
{ 
    if($this->request->is('post')) 
    { 
    $logged_in = false; 

    if($this->Auth->login()) 
    { 
     $logged_in = true; 
    } 
    else 
    { 
     $this->Auth->authenticate = array('Form' => array('fields' => array('username' => 'username', 'password' => 'password'))); 
     $this->Auth->constructAuthenticate(); 

     $this->request->data['User']['username'] = $this->request->data['User']['email']; 

     if($this->Auth->login()) 
     { 
      $logged_in = true; 
     } 
    } 

    if($logged_in) 
    { 
     /* 
     * Do what you want here 
     */ 
    } 
    else 
    { 
     /* 
     * Do what you want here 
     */ 
    } 
    } 
}

然後,如果你希望能夠執行的過程只有一個測試來檢查這兩個字段,您可以將此代碼移動到Component中,而不是直接調用$this->Auth->login()方法。

來源

2012-01-16 07:58:38 nIcO

+0

如果您正在聲明該用戶名=電子郵件,Cake會自動回退以搜索具有該用戶名的用戶嗎? – Cameron 2012-01-16 12:40:36

+0

我不這麼認爲,這就是爲什麼我在改變配置後再次調用'$ this-> Auth-> login()'。 – nIcO 2012-01-16 13:28:37

+0

嗯,這似乎很馬虎。這是死很容易在CakePHP的1.3這樣做,我不知道爲什麼它在2.0 :( – Cameron 2012-01-16 17:05:05

相關問題

 相關問題