1
我第一次使用Auth,每次嘗試登錄時,使用正確的憑據登錄失敗,並且我得到操作登錄失敗錯誤消息。如何將用戶標記爲允許的用戶,以便訪問帶有前綴admin
的頁面?如何授權嘗試登錄的用戶
我使用CakePHP 2.4.4
AppController的
class AppController extends Controller {
public $components = array('DebugKit.Toolbar',
'Session','Auth' => array(
'loginAction' => array('controller' => 'users', 'action' => 'login', 'admin' => false),
'logoutAction' => array('controller' => 'users', 'action' => 'logout', 'admin' => false),
'loginRedirect'=> '/admin',
'logoutRedirect' => array('controller' => 'users', 'action' => 'login', 'admin' => false),
'authError' => 'Não tem permissão para aceder a esta área. Por favor faça login.',
'authenticate' => array(
'Form' => array(
'fields' => array('username' => 'username', 'password' => 'password'
),
'userModel' => 'User'
)
)//,
//'authorize' =>array('Controller'),
//'passwordHasher' => array(
// 'className' => 'Simple',
// 'hashType' => 'sha1'
//)
)
/*,'Auth' => array(
'loginRedirect' => array('controller' => 'admins', 'action' => 'admin_index'),
'logoutRedirect' => array('controller' => 'home', 'action' => 'index'),
'authorize' => array('Controller')
)*/
);
public function beforeFilter(){
if($this->isPrefix('admin')){
if($this->isAuthorized('admin')){
if($this->Session->check('Auth.User.group_id')){
if($this->Session->read('Auth.User.group_id')==1){
//authorizes user to access pages with admin prefix
}else{
$this->Session->setFlash(__('Você não tem permissão para acessar essa URL'));
$this->Redirect('/login');
}
}else{
$this->Session->setFlash(__('Você não tem permissão para acessar essa URL'));
$this->Redirect('/login');
}
}else{
$this->Session->setFlash(__('Você não tem permissão para acessar essa URL'));
$this->Redirect('/login');
}
//$this->layout='admin';
}else{
$this->Auth->allow('index','ShowImages','ShowShowbill','ShowVideos','ShowContactUs','contact','login','DisplayMusic','DisplayEntertainment','DisplayPromotion','DisplayStaff','DisplayEquipments');
}
/*if($this->isPrefix('admin')){
if($this->Auth->loggedIn()){
if($this->Session->check('Auth.User.group_id')){
if($this->Session->read('Auth.User.group_id')==1){
}else{
$this->Session->setFlash(__('Você não tem permissão para acessar essa URL'));
$this->Redirect('/');
}
}
}
$this->layout='admin';
}else{
$this->Auth->allow('index','ShowImages','ShowShowbill','ShowVideos','ShowContactUs','contact','login','DisplayMusic','DisplayEntertainment','DisplayPromotion','DisplayStaff','DisplayEquipments');
}*/
//$this->Auth->allow('index','ShowImages','ShowShowbill','ShowVideos','ShowContactUs','login','ShowContactUs','timthumb');
//$this->Auth->allow('image');
}
public function isPrefix($prefix) {
return isset($this->request->params['prefix']) && $this->request->params['prefix'] == $prefix;
}
public function isAuthorized($user){
if(isset($user['role'])&&$user['role']==='admin'){
return true;
}
return false;
}
public $helpers = array('Html' ,
'Form' ,
'Timthumb.Timthumb',
'Paginator',
'Session',
'Js',
'Fancybox.Fancybox',
'Paginator',
);
}
UsersController
public function login(){
if($this->request->is('post')){
//$user = array('User' => array('username'=> $this->request->data['User']['username'],'password'=> $this->request->data['User']['password']));
//debug(AuthComponent::user($this->data[$this->alias]['username']));
//debug(AuthComponent::password($this->data[$this->alias]['password']));
if($this->Auth->login()){
return $this->redirect($this->Auth->redirectUrl());
}
else{
$this->Session->setFlash(
__('O nome de utilizador ou a password estão incorrectos.'),
'default',array(),
'auth'
);
}
}
}
查看
<style>
#authMessage{
padding: 15px;
margin-bottom: 20px;
border: 1px solid transparent;
border-radius: 4px;
color: #b94a48;
background-color: #f2dede;
border-color: #eed3d7;
}
#flashMessage{
padding: 15px;
margin-bottom: 20px;
border: 1px solid transparent;
border-radius: 4px;
color: #b94a48;
background-color: #f2dede;
border-color: #eed3d7;
}
</style>
<h2>Login</h2>
<?php echo $this->Session->flash('auth'); ?>
<?php echo $this->Session->flash();?>
<div class="users form">
<?php echo $this->Form->create('User');?>
<fieldset>
<legend><?php echo "<div class=\"alert alert-info\">Por favor insira um nome de Administrador e a password.</div>"; ?></legend>
<?php
echo $this->Form->input('username');
echo $this->Form->input('password');
?>
</fieldset>
<?php
echo $this->Form->submit(__('Login'), array('class' => 'btn btn-success','formnovalidate' => true)) ;
echo $this->Form->end();
?>
</div>
的[驗證在URL重複控制器]可能重複(http://stackoverflow.com/questions/23477660/auth-repeats- controller-in-url) – burzum
@burzum那麼問題是我的,這是通過從Auth配置中刪除''plugin''來修復的。這個問題是否也可以由AppController中的某些配置引起? – SunT
@burzum我更新了我的問題,現在有效嗎? – SunT