我最近在Auth组件上倾注了一些CakePHP教程,并将其用作参考:http://miftyisbored.com/a-complete-login-and-authentication-application-tutorial-for-cakephp-2-3/
My Cake版本是2.3.1
我使用Firebug进行调试。数据库密码正在散列,我可以注册和新用户就好了,但登录是一个不同的故事。当我尝试访问需要身份验证的页面时,我会获得登录页面,输入有效的用户/密码,然后将其重定向回到登录页面。在firebug中,POST标题为200 OK,然后再次返回登录页面。我猜测我的会话配置或其他东西可能有问题,好像会话没有被查询一样。这是我的UsersController.php:
<?php
class UsersController extends AppController {
public $name = 'Users';
public $helpers = array('Html','Form');
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('add', 'login');
}
public function login() {
//if already logged-in, redirect
if($this->Session->check('Auth.User')){
$this->redirect(array('controller'=>'admin','action' => 'admin_index'));
}
// if we get the post information, try to authenticate
if ($this->request->is('post')) {
if ($this->Auth->login()) {
$this->Session->setFlash(__('Welcome, '. $this->Auth->user('username')));
$this->redirect($this->Auth->redirectUrl());
} else {
$this->Session->setFlash(__('Invalid username or password'));
}
}
}
public function logout() {
return $this->redirect($this->Auth->logout());
}
public function index() {
$this->User->recursive = 0;
$this->set('users', $this->paginate());
}
public function view($id = null) {
$this->User->id = $id;
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
$this->set('user', $this->User->read(null, $id));
}
public function add() {
if ($this->request->is('post')) {
$this->User->create();
if ($this->User->save($this->request->data)) {
$this->Session->setFlash(__('The user has been saved'));
return $this->redirect(array('action' => 'login'));
}
$this->Session->setFlash(
__('The user could not be saved. Please, try again.')
);
}
}
public function edit($id = null) {
$this->User->id = $id;
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
if ($this->request->is('post') || $this->request->is('put')) {
if ($this->User->save($this->request->data)) {
$this->Session->setFlash(__('The user has been saved'));
return $this->redirect(array('action' => 'index'));
}
$this->Session->setFlash(
__('The user could not be saved. Please, try again.')
);
} else {
$this->request->data = $this->User->read(null, $id);
unset($this->request->data['User']['password']);
}
}
public function delete($id = null) {
$this->request->onlyAllow('post');
$this->User->id = $id;
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
if ($this->User->delete()) {
$this->Session->setFlash(__('User deleted'));
return $this->redirect(array('action' => 'index'));
}
$this->Session->setFlash(__('User was not deleted'));
return $this->redirect(array('action' => 'index'));
}
}
?>
我的模型似乎工作正常,但如果我的错误发生在哪里,我可以提供任何其他代码!谢谢串!
答案 0 :(得分:0)
问题在于您的密码加密,看看您是否正在进行之前的保存,并且您需要在保存时进行加密,并在登录时验证密码是否在数据库中相同
用户模型
public function beforeSave($options = array()) {
// hash our password
if (!$this->id) {
$passwordHasher = new SimplePasswordHasher();
$this->data['User']['password'] = $passwordHasher->hash($this->data['User']['password']);
}
return true;
}
<强> AppController的
public function beforeFilter() {
Security::setHash('sha1');
$this->Auth->allow('index', 'display', 'view');
}
在您的数据库中输入密码,右边是varchar(30)