我在寫代碼控制器。用戶以跑道用戶身份登錄到網站。登錄後,它們被重定向到儀表板。如何避免跑道重新認證每次我從跑道查詢數據?
函數test_auth進行驗證並將用戶重定向到儀表板。
的問題是:在儀表板功能,我必須reauthentificate如果我要打電話,例如,function PodioOrganization::get_all();
這裏是我的代碼:
class User extends CI_Controller {
/**
* __construct function.
*
* @access public
* @return void
*/
public function __construct() {
parent::__construct();
$this->load->library(array('session'));
$this->load->helper(array('url'));
$this->load->model('user_model');
}
public function dashboard()
{
if (!isset($_SESSION['logged_in']) || $_SESSION['logged_in'] != true) {//not logged
redirect(base_url().'user/login');
}else
{
$data=(array)$this->user_model->get_user($_SESSION['user_id']);
//$data=(array)$this->user_model->get_user(3);
$data['title'] ='Dashboard Page';
//'heading' => 'My Heading',
//'message' => 'My Message'
Podio::setup(CLIENT_ID, CLIENT_SECRET);
$orgs=PodioOrganization::get_all();
$this->load->view('header',$data);
$this->load->view('user/page_header',$data);
$this->load->view('user/dashboard',$data);
$this->load->view('user/footer');
}
}
public function test_auth()
{
// Set up the REDIRECT_URI -- which is just the URL for this file.
if (isset($_SESSION['logged_in']) && $_SESSION['logged_in'] === true) {
redirect(base_url().'user/dashboard');
}
else{
Podio::setup(CLIENT_ID, CLIENT_SECRET);
if (!isset($_GET['code']) && !Podio::is_authenticated()) {
// User is not being reidrected and does not have an active session
// We just display a link to the authentication page on podio.com
$auth_url = htmlentities(Podio::authorize_url(REDIRECT_URI));
//print "<a href='{$auth_url}'>Start authenticating</a>";
redirect($auth_url);
} elseif (Podio::is_authenticated()) {
// User already has an active session. You can make API calls here:
print "You were already authenticated and no authentication is needed.";
}
elseif (isset($_GET['code'])) {
// User is being redirected back from podio.com after authenticating.
// The authorization code is available in $_GET['code']
// We use it to finalize the authentication
// If there was a problem $_GET['error'] is set:
if (isset($_GET['error'])) {
print "There was a problem. The server said: {$_GET['error_description']}";
}
else {
// Finalize authentication. Note that we must pass the REDIRECT_URI again.
Podio::authenticate_with_authorization_code($_GET['code'], REDIRECT_URI);
$_SESSION['user_id'] = 1;
$_SESSION['logged_in'] = (bool)true;
$_SESSION['access_token'] = (string)Podio::$oauth->access_token ;
$_SESSION['refresh_token']= (string)Podio::$oauth->refresh_token ;
redirect(base_url().'user/dashboard');
}
}
}
}
我也得到一個PodioAuthorizationError,調用$orgs=PodioOrganization::get_all();
沒有先驗證(雖然我已經在test_auth函數中完成了這項工作)
而且我曾在test_auth()中調用Podio::setup(CLIENT_ID, CLIENT_SECRET);
爲什麼我必須在dashboa中再次調用它rd()。應該設置$client_id
和$client_secret
insite setup()函數。爲什麼Podio::setup
失去其價值?
$client_id
和$client_secret
在班級跑道內聲明爲靜態,因此它們應該保留它們的值,但它們不會。爲什麼?
服務器是無狀態的,這意味着每個請求都會重置應用程序中的任何狀態。通常開發人員會將信息存儲在會話或cookie中,以允許瀏覽器在請求之間攜帶狀態。 –