Question

在我的蛋糕2.2应用程序中，我在App Controller中设置了以下的beforeFilter（）：

public function beforeFilter() {

    //Configure AuthComponent
    // Admin
    if($this->Auth->user('group_id') == '12') {
        $this->Auth->allow('admin_index'); 
        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);
        $this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'index', 'admin' => TRUE);
        $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);

        $this->set("group", "admin");

    // Staff
    }

    if($this->Auth->user('group_id') == '13') {
        $this->Auth->allow('admin_index'); 
        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);
        $this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'index', 'admin' => TRUE);
        $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);

        $this->set("group", "staff");

所以基本上我希望会话到期时，所有用户对用户组的看法都会被发送到/ users / login。这适用于用户，但任何管理员用户都被重定向到admin / users / login，并在用户控制器错误中显示Missing方法（因为这不是管理员方法）。出于某种原因'admin'=＆gt; FALSE不起作用。

那么，如何让所有用户无论用户类型被重定向到/ users / login

的NON管理方法/网址？

    // Users
    } 

    if($this->Auth->user('group_id') == '14') {
        $this->Auth->allow(array('controller' => 'pages', 'action' => 'index', 'admin' => FALSE));
        $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);
        $this->Auth->loginRedirect = array('controller' => 'pages', 'action' => 'index', 'admin' => FALSE);
        $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);

        $this->set("group", "user");
    }

    // General logout redirect (including expired session redirect)
    $this->Auth->logoutRedirect = array('controller' => 'users', 'action' => 'login', 'admin' => FALSE);
}

Answer 1

我猜想发生的事情是，当会话到期时，用户实际上并未登出。除非用户明确注销（在您的UsersController中执行lougout操作，我假设），例如

public function logout() {
    ... some code here...
    $this->Session->destroy();
    $this->redirect($this->Auth->logout());
}

logoutRedirect可能无法正常工作如果会话过期，用户将被授权查看该页面，重定向将转到Auth-＆gt; unauthorizedRedirect。

对于您尝试做的事情，我会使用方法检查用户是否在AppController的过滤器之前登录

public function beforeFilter() {
    if (!$this->Auth->loggedIn() && $this->action != 'login') {
        $this->redirect(array('controller'=>'users', 'action'=>'login', 'admin'=>false));
    }
}

或者如果你想要

public function beforeFilter() {
    if (!$this->Auth->loggedIn() && $this->action != 'login') {
        $this->redirect($this->Auth->logoutRedirect);
    }
}

Answer 2

public function admin_logout() {
    $this->Session->setFlash(__('Thanks for using Applired.com!'), 'default', array('class' => 'alert alert-success'));
    $this->Session->delete('user_to_register');
    $this->Session->destroy();
    $this->Auth->logout();
    return $this->redirect(array('controller' => 'dashboard', 'action' => 'login'));
}

CakePHP - Auth logoutRedirect不适用于管理员用户

2 个答案: