2017-07-20 56 views
0

我在寫代碼控制器。用戶以跑道用戶身份登錄到網站。登錄後,它們被重定向到儀表板。如何避免跑道重新認證每次我從跑道查詢數據?

函數test_auth進行驗證並將用戶重定向到儀表板。

的問題是:在儀表板功能,我必須reauthentificate如果我要打電話,例如,function PodioOrganization::get_all();

這裏是我的代碼:

class User extends CI_Controller { 

    /** 
    * __construct function. 
    * 
    * @access public 
    * @return void 
*/ 
public function __construct() { 

    parent::__construct(); 
    $this->load->library(array('session')); 
    $this->load->helper(array('url')); 
    $this->load->model('user_model');  
} 

public function dashboard() 
{  
    if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] != true) {//not logged   
     redirect(base_url().'user/login'); 
    }else 
    { 

     $data=(array)$this->user_model->get_user($_SESSION['user_id']); 

     //$data=(array)$this->user_model->get_user(3); 
     $data['title'] ='Dashboard Page'; 
      //'heading' => 'My Heading', 
      //'message' => 'My Message' 

     Podio::setup(CLIENT_ID, CLIENT_SECRET); 

     $orgs=PodioOrganization::get_all(); 

      $this->load->view('header',$data); 
      $this->load->view('user/page_header',$data); 
      $this->load->view('user/dashboard',$data); 
      $this->load->view('user/footer');           
    }    
}  

public function test_auth() 
{ 
    // Set up the REDIRECT_URI -- which is just the URL for this file. 

    if (isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === true) { 
     redirect(base_url().'user/dashboard'); 
    } 
    else{ 

     Podio::setup(CLIENT_ID, CLIENT_SECRET); 

     if (!isset($_GET['code']) && !Podio::is_authenticated()) { 

      // User is not being reidrected and does not have an active session 
      // We just display a link to the authentication page on podio.com 
      $auth_url = htmlentities(Podio::authorize_url(REDIRECT_URI)); 
      //print "<a href='{$auth_url}'>Start authenticating</a>"; 
      redirect($auth_url); 

     } elseif (Podio::is_authenticated()) { 

      // User already has an active session. You can make API calls here: 
      print "You were already authenticated and no authentication is needed."; 

     } 
     elseif (isset($_GET['code'])) { 

      // User is being redirected back from podio.com after authenticating. 
      // The authorization code is available in $_GET['code'] 
      // We use it to finalize the authentication 

      // If there was a problem $_GET['error'] is set: 
      if (isset($_GET['error'])) { 
      print "There was a problem. The server said: {$_GET['error_description']}"; 
      } 
      else { 
      // Finalize authentication. Note that we must pass the REDIRECT_URI again. 
      Podio::authenticate_with_authorization_code($_GET['code'], REDIRECT_URI); 


       $_SESSION['user_id']  = 1; 
       $_SESSION['logged_in'] = (bool)true; 
       $_SESSION['access_token'] = (string)Podio::$oauth->access_token ; 
       $_SESSION['refresh_token']= (string)Podio::$oauth->refresh_token ; 

       redirect(base_url().'user/dashboard');             
      } 

     } 
    } 
} 

我也得到一個PodioAuthorizationError,調用$orgs=PodioOrganization::get_all();沒有先驗證(雖然我已經在test_auth函數中完成了這項工作)

而且我曾在test_auth()中調用Podio::setup(CLIENT_ID, CLIENT_SECRET);爲什麼我必須在dashboa中再次調用它rd()。應該設置$client_id$client_secret insite setup()函數。爲什麼Podio::setup失去其價值?

$client_id$client_secret在班級跑道內聲明爲靜態,因此它們應該保留它們的值,但它們不會。爲什麼?

+0

服務器是無狀態的,這意味着每個請求都會重置應用程序中的任何狀態。通常開發人員會將信息存儲在會話或cookie中,以允許瀏覽器在請求之間攜帶狀態。 –

回答