CakePHP用Auth记住了我

时间:2012-09-16 14:01:37

标签: php session cakephp authentication cookies

我已经成功使用了Auth,但遗憾的是,它似乎只适用于Session。我希望如果用户选中“记住我”复选框,我会使用Cookie,他将登录2周。我在官方书籍和谷歌中找不到任何东西我发现只有少数而不是很棒的博客文章。有没有办法实现这个而不重写核心?

8 个答案:

答案 0 :(得分:48)

在您的用户控制器中:

public function beforeFilter() {
    $this->Auth->allow(array('login', 'register'));
    parent::beforeFilter();
}

public function login() {
    if ($this->request->is('post')) {

        if ($this->Auth->login()) {

            // did they select the remember me checkbox?
            if ($this->request->data['User']['remember_me'] == 1) {
                // remove "remember me checkbox"
                unset($this->request->data['User']['remember_me']);

                // hash the user's password
                $this->request->data['User']['password'] = $this->Auth->password($this->request->data['User']['password']);

                // write the cookie
                $this->Cookie->write('remember_me_cookie', $this->request->data['User'], true, '2 weeks');
            }

            return $this->redirect($this->Auth->redirect());

        } else {
            $this->Session->setFlash(__('Username or password is incorrect.'));
        }
    }

    $this->set(array(
        'title_for_layout' => 'Login'
    ));
}

public function logout() {
    // clear the cookie (if it exists) when logging out
    $this->Cookie->delete('remember_me_cookie');

    return $this->redirect($this->Auth->logout());
}

在登录视图中:

<h1>Login</h1>

<?php echo $this->Form->create('User'); ?>
    <?php echo $this->Form->input('username'); ?>
    <?php echo $this->Form->input('password'); ?>
    <?php echo $this->Form->checkbox('remember_me'); ?> Remember Me
<?php echo $this->Form->end('Login'); ?>

在AppController中:

public $components = array(
    'Session',
    'Auth',
    'Cookie'
);

public $uses = array('User');

public function beforeFilter() {
    // set cookie options
    $this->Cookie->key = 'qSI232qs*&sXOw!adre@34SAv!@*(XSL#$%)asGb$@11~_+!@#HKis~#^';
    $this->Cookie->httpOnly = true;

    if (!$this->Auth->loggedIn() && $this->Cookie->read('remember_me_cookie')) {
        $cookie = $this->Cookie->read('remember_me_cookie');

        $user = $this->User->find('first', array(
            'conditions' => array(
                'User.username' => $cookie['username'],
                'User.password' => $cookie['password']
            )
        ));

        if ($user && !$this->Auth->login($user['User'])) {
            $this->redirect('/users/logout'); // destroy session & cookie
        }
    }
}

答案 1 :(得分:6)

请参阅此网址我认为对您来说非常有帮助。

http://lecterror.com/articles/view/cakephp-and-the-infamous-remember-me-cookie

或试试这个 

function login() {
    if ($this->Auth->user()) {
        if (!empty($this->data) && $this->data['User']['remember_me']) {
            $cookie = array();
            $cookie['username'] = $this->data['User']['username'];
            $cookie['password'] = $this->data['User']['password'];
            $this->Cookie->write('Auth.User', $cookie, true, COOKIE_EXPIRE);
            unset($this->data['User']['remember_me']);
        }

        $this->LogDetail->Write('activity','has logged IN');
        $this->redirect($this->Auth->redirect());
    }

    if (empty($this->data)) {
        $cookie = $this->Cookie->read('Auth.User');
        if (!is_null($cookie)) {
            if ($this->Auth->login($cookie)) {
                $this->Session->destroy('Message.Auth'); # clear auth message, just in case we use it.
                $this->LogDetail->Write('activity','has been authenticated via cookie and is now logged IN');

                $this->redirect($this->Auth->redirect());
            } else {
                $this->LogDetail->Write('activity','attempted to gain access with an invalid cookie');
                $this->Cookie->destroy('Auth.User'); # delete invalid cookie

                $this->Session->setFlash('Invalid cookie');
                $this->redirect('login');
            }
        }
    }
}

答案 2 :(得分:5)

使用CookeAuthenticate适配器:

https://github.com/ceeram/Authenticate/blob/master/Controller/Component/Auth/CookieAuthenticate.php

这里有更多信息:

https://github.com/ceeram/Authenticate/wiki/Set-Cookie

答案 3 :(得分:3)

请记住,除了使用cookie识别的会话之外别无其他,但cookie生命周期设置为无穷大。查看Config / core.php以了解会话cookie生存期。

答案 4 :(得分:0)

我认为您需要了解CakePHP安全级别。尝试降低cakePHP的安全性。 CakePHP的配置变量documentation。很久以前我也曾写过一篇关于它的blog

答案 5 :(得分:0)

你可以试试这个

if ($this->Auth->login()) 
        {
            if (!empty($this->data['User']['remember']))
            {
                $cookie = array();
                $cookie['login'] = $this->data['User']['login'];
                $cookie['password'] = $this->data['User']['password'];
                                    $cookie['language'] =$this->data['User']['language'];
                $this->Cookie->write('Auth.projectname', $cookie, true, '+1 years');                                                        
                unset($this->data['User']['remember']);

答案 6 :(得分:0)

 public function admin_login() {
        $this->layout = 'admin_login';
        if (count($this->Session->read("Auth.User"))) {
            $usr = $this->Session->read("Auth.User");
            if ($usr['role'] == 'A' || $usr['role'] == 'RA' || $usr['role'] == 'MAfA' || $usr['role'] == 'Af' || $usr['role'] == 'FAA')
                return $this->redirect(array('controller' => 'dashboard', 'action' => 'view'));
        }
        if ($this->request->is('post')) {

            if ($this->request->data['User']['remember_me']=="1") {
//                pr($this->request->data);
//                die('sdd');


                $this->Cookie->write('username', $this->request->data['User']['username'], true, '1 year');
                $this->Cookie->write('password', $this->request->data['User']['password'], true, '1 year');
            } else {
                $this->Cookie->destroy();
            }
            /*
             * Check if email or username is passed in form
             */
            $uname = $this->request->data['User']['username'];
            //login via email
            if (filter_var($uname, FILTER_VALIDATE_EMAIL)) {
                $u = $this->User->findByemail($uname);
            } else { //login via username
                $u = $this->User->findByusername($uname);
            }
            if ($u) {
                $this->request->data['User']['username'] = $u['User']['username'];
                /*                 * *
                 * Error if user is not active
                 */
                if ($u['User']['user_status'] != 'active') {
                    $this->Session->setFlash(__('Sorry! Your account is not active.'), 'default', array('class' => 'alert alert-danger'));
                } elseif ($this->Auth->login()) { //if logged in
                    $user_caps = $this->fetchCapabilitiesByRole($u['User']['role']);
                    $this->Session->write("Auth.User.privileges", array('capabilities' => $user_caps['capabilities'], 'geo_areas' => array()));
                    if ($u['User']['role'] == 'A' || $u['User']['role'] == 'RA' || $u['User']['role'] == 'Af' || $u['User']['role'] == 'MAfA' || $u['User']['role'] == 'FAA')
                        return $this->redirect(array('controller' => 'dashboard', 'action' => 'view'));
                    return $this->redirect($this->Auth->redirect());
                }else { //if invalid
                    $this->Session->setFlash(__('Invalid username or password.'), 'default', array('class' => 'alert alert-danger'));
                }
            } else {//if user does not exists
                $this->Session->setFlash(__('User does not exists.'), 'default', array('class' => 'alert alert-danger'));
            }
        }
    }

答案 7 :(得分:-1)

自问题得到解答以来已经有一段时间了,但希望这可以帮助那些追随我的人。

我在Ceeram

中使用Auhenticate插件编写了关于如何设置“记住我”功能的简短演练

此处有更多信息:http://mirkoborivojevic.com/posts/2013/08/10/setup-remember-me-functionality-in-cakephp/

相关问题
最新问题