0
我想將用戶登錄和註銷/會話過期信息添加到數據庫中,它很容易進行正常的登錄和註銷,但我無法弄清楚如何繼續自動會話到期。如何在用戶會話過期時註冊過期時間Zend Auth
我的身份驗證如下所示。
我的登錄控制器動作
if ($request->isPost()) {
$data = $request->getParams();
$userModel = new Application_Model_User_DbTable();
if ($user = $userModel->login($data['email'], $data['password'])) {
/* check if user is activated or not */
if ($user['status'] == 0) {
$this->view->loginerror = "<b>Account not active :</b> Please wait for admin to activate your account";
}elseif($user['status'] == -1){
$this->view->loginerror = "<b>Account Suspended :</b> Your account is suspeneded you must contact admin to continue";
}else {
/* Store authentication data in session */
$auth = Zend_Auth::getInstance();
$identity = Zend_Auth::getInstance()->getStorage();
$identity->write($user);
$this->_redirect('/fax');
}
} else {
$this->view->loginerror = "<b>Invalid login :</b> Email or passsword is invalid !";
}
}
身份驗證方法
function authenticate($email, $password) {
$where = array();
$where[] = $this->getAdapter()->quoteinto('email = ?', $email);
$user = $this->fetchRow($where);
if (isset($user['email'])) {
$salt = $user['password_salt'];
if (sha1($password . $salt) == $user['password']) {
/** here i will add login session info**/
return $user;
}
return false;
}
return false;
}
沒有用戶實際「註銷」,沒有辦法檢查它們的到期日期(您需要另一個HTTP請求來檢查會話的最後時間戳)。但是,如果您的會話持續20分鐘,那麼可以說在該時間段內沒有刷新的任何會話不再處於活動狀態,並且您可以定期執行任務以更新這些數據庫記錄。 – AlexP 2013-03-18 12:39:32