2015-07-01 70 views
1

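Flexi Auth with Facebook login

I am using the Flexi Auth user authentication library in my project. Now the client wants Facebook and Twitter user login. I am using Facebook SDK 4 and have been able to get users to log in via Facebook.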

But now I am facing a problem. For every controller, there is a function is_logged_in_via_password() in the constructor.

I cannot get past this function. I tried setting the session value is_logged_in_via_password to 1 after the user logs in via Facebook.

But the function is_logged_in_via_password returns false when it is in the constructor.

The session created for a user logged in through Flexi Auth is:

Array 
(
[user_identifier] [email protected] 
[user_id] = 255 
[admin] = 
[group] = Array 
    (
     [5] = Employer Individual 
    ) 

[privileges] = Array 
    (
    ) 

[logged_in_via_password] = 1 
[login_session_token] => 805ad8cdfdfd49ad309dcc3837a762159e855c649 
) 

And the session created after my Facebook login:

Array 
(
[user_identifier] [email protected] 
[user_id] => 129 
[admin] => 
[group] => Array 
    (
     [5] => Employer Individual 
    ) 

[privileges] => Array 
    (
    ) 

[logged_in_via_password] => 1 
[login_session_token] => 8306cd89be76082caa0b15fd53a2b22f7965e6434 
) 

The function still returns false. Question: how can I solve this? The Flexi Auth documentation does not provide any details.

Answers

1

According to the Flexi Auth documentation:

The flexi auth library does not include any features for logging in via third-party APIs such as Facebook, Twitter and OpenID.

But I wrote a function in flexi_auth_model.php to handle the Facebook login case, similar to public function login($identity = FALSE, $password = FALSE, $remember_user = FALSE).

In this function, I removed the password verification function, because it is a Facebook login and there is no password.

My code looks like this:

public function facebooklogin($fbprofiledata = FALSE, $remember_user = FALSE) 
{ 
    // Facebook Email Or Facebook ID 
    $identity = isset($fbprofiledata['email']) ? $fbprofiledata['email'] : FALSE; 
    if (empty($identity) || (!$identity = $this->get_primary_identity($identity))) 
    { 
     return FALSE; 
    } 
    $sql_select = array(
     $this->auth->primary_identity_col, 
     $this->auth->tbl_col_user_account['id'], 
     $this->auth->tbl_col_user_account['password'], 
     $this->auth->tbl_col_user_account['group_id'], 
     $this->auth->tbl_col_user_account['activation_token'], 
     $this->auth->tbl_col_user_account['active'], 
     $this->auth->tbl_col_user_account['suspend'], 
     $this->auth->tbl_col_user_account['last_login_date'], 
     $this->auth->tbl_col_user_account['failed_logins'], 
     $this->auth->tbl_col_user_account['uacc_type'], 
    ); 

    $sql_where = array($this->auth->primary_identity_col => $identity); 

    // Set any custom defined SQL statements. 
    $this->flexi_auth_lite_model->set_custom_sql_to_db(); 

    $query = $this->db->select($sql_select) 
     ->where($sql_where) 
     ->get($this->auth->tbl_user_account); 

    ###+++++++++++++++++++++++++++++++++### 

    // User exists, now validate credentials. 
    if ($query->num_rows() == 1) 
    { 
     $user = $query->row(); 

     // If an activation time limit is defined by config file and account hasn't been activated by email. 
     if ($this->auth->auth_settings['account_activation_time_limit'] > 0 && !empty($user->{$this->auth->database_config['user_acc']['columns']['activation_token']})) 
     { 
      if (!$this->validate_activation_time_limit($user->{$this->auth->database_config['user_acc']['columns']['last_login_date']})) 
      { 
       $this->set_error_message('account_requires_activation', 'config'); 
       return FALSE; 
      } 
     } 

     // Check whether account has been activated. 
     if ($user->{$this->auth->database_config['user_acc']['columns']['active']} == 0) 
     { 
      $this->set_error_message('account_requires_activation', 'config'); 
      return FALSE; 
     } 

     // Check if account has been suspended. 
     if ($user->{$this->auth->database_config['user_acc']['columns']['suspend']} == 1) 
     { 
      $this->set_error_message('account_suspended', 'config'); 
      return FALSE; 
     } 

     // No password is verified for a Facebook login; $identity was resolved above, so this branch always runs. 
     if ($identity) 
     { 
      // Reset failed login attempts. 
      if ($user->{$this->auth->database_config['user_acc']['columns']['failed_logins']} > 0) 
      { 
       $this->reset_login_attempts($identity); 
      } 

      // Set user login sessions. 
      if ($this->set_login_sessions($user, TRUE)) 
      { 
       // Set 'Remember me' cookie and database record if checked by user. 
       if ($remember_user) 
       { 
        $this->remember_user($user->{$this->auth->database_config['user_acc']['columns']['id']}); 
       } 
       // Else, ensure any existing 'Remember me' cookies are deleted. 
       // This can occur if the user logs in via password, whilst already logged in via a "Remember me" cookie. 
       else 
       { 
        $this->flexi_auth_lite_model->delete_remember_me_cookies(); 
       } 
       return TRUE; 
      } 
     } 
     // Carried over from login(): not reached here, because $identity is always set at this point. 
     else if ($this->auth->auth_security['login_attempt_limit'] > 0) 
     {    
      $attempts = $user->{$this->auth->database_config['user_acc']['columns']['failed_logins']}; 

      // Increment failed login attempts. 
      $this->increment_login_attempts($identity, $attempts); 
     } 
    } 

    return FALSE; 
} 

PS: If anyone uses this or thinks there is a security hole in it, please comment. Hope this helps others...

+0

Thanks... it really helped me..!
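
Because facebooklogin() in the answer signs in whichever email it is handed, the caller has to establish first that the profile really came from Facebook for this app. The following is an added example (not part of the original answer or of Flexi Auth) of that check, applied to the decoded `data` object of the Graph API `/debug_token` response; the function name, app id, user id and sample responses are constructed for illustration.

```php
<?php
// Added example. Decides whether a Facebook access token may be trusted
// before the passwordless facebooklogin() from the answer is called.
// $debug is the decoded "data" object returned by Graph API GET /debug_token.
// Returns NULL when there is no objection, otherwise the reason for rejecting.
function fb_token_rejection(array $debug, string $appId, string $fbUserId, int $now): ?string
{
    if (empty($debug['is_valid'])) {
        return 'token is not valid';
    }
    // The token must have been issued to this application, not to another app.
    if (!isset($debug['app_id']) || !hash_equals($appId, (string) $debug['app_id'])) {
        return 'token was issued to a different app';
    }
    // The token must belong to the profile the client claims to be.
    if (!isset($debug['user_id']) || !hash_equals($fbUserId, (string) $debug['user_id'])) {
        return 'token belongs to a different user';
    }
    // expires_at is a Unix timestamp; 0 means the token does not expire.
    $expires = (int) ($debug['expires_at'] ?? -1);
    if ($expires !== 0 && $expires <= $now) {
        return 'token has expired';
    }
    // Without the email permission the profile's email field cannot be relied on.
    if (!in_array('email', (array) ($debug['scopes'] ?? []), true)) {
        return 'email permission was not granted';
    }
    return null;
}

// Constructed sample values (placeholders, not real identifiers).
$appId   = '1000000000000001';
$profile = ['id' => '2000000000000002', 'email' => 'user@example.com'];
$now     = 1435708800; // 2015-07-01 00:00:00 UTC

$good = ['is_valid' => true, 'app_id' => $appId, 'user_id' => $profile['id'],
         'expires_at' => $now + 3600, 'scopes' => ['public_profile', 'email']];
$otherApp = ['app_id' => '1000000000000009'] + $good; // token minted for another app

foreach (['good' => $good, 'other app' => $otherApp] as $label => $debug) {
    $reason = fb_token_rejection($debug, $appId, $profile['id'], $now);
    // Only when $reason is NULL would the controller go on to call the
    // answer's facebooklogin($profile).
    echo $label, ': ', $reason ?? 'accepted', PHP_EOL;
}
```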