ZF2用户记住我不工作

时间:2013-05-17 10:20:55

标签: session cookies zend-framework2 remember-me

我正在尝试为我的ZF2 v2.2网站实现记忆功能。 所以这就是我到目前为止所做的: 我为会话管理器创建了一个服务,将会话写入db:

'session' => array(
    'remember_me_seconds' => 2419200,
    'use_cookies' => true,
    'cookie_httponly' => true,
),


        'session_manager' => function (ServiceManager $sm) {
            $adapter = $sm->get('db_adapter');
            $config = $sm->get('app_config');
            $sessionOptions = new Session\SaveHandler\DbTableGatewayOptions();
            $sessionTableGateway = new TableGateway('tbl_session', $adapter);
            $saveHandler = new Session\SaveHandler\DbTableGateway($sessionTableGateway, $sessionOptions);
            $sessionConfig = new Session\Config\SessionConfig();
            $sessionConfig->setCookieDomain(ACTIVE_SITE);
            $sessionConfig->setCookieSecure(true);
            $sessionConfig->setOptions($config['session']);
            $sessionManager = new Session\SessionManager($sessionConfig, NULL, $saveHandler);
            $sessionManager->start();
            return $sessionManager;
        },

并将此会话管理器用于我的会话和AuthenticationService

Session\Container::setDefaultManager($sm->get('session_manager'));

        'user_auth_service' => function (ServiceManager $sm) {
            $authService = new \Zend\Authentication\AuthenticationService();
            $session = new \Zend\Authentication\Storage\Session(null, null, $sm->get('session_manager'));
            $authService->setStorage($session);
            return $authService;
        },

我用我的登录表单记住了我:

 public function login(\User\Model\User $user)
    {
        $authAdapter = $this->getServiceLocator()->get('user_auth_adapter');
        $authAdapter->setIdentity($user->username);
        $authAdapter->setCredential($user->password);

        /* @var $authService \Zend\Authentication\AuthenticationService */
        $authService = $this->getServiceLocator()->get('user_auth_service');
        $result = $authService->authenticate($authAdapter);

        switch ($result->getCode()) {

            case \Zend\Authentication\Result::FAILURE_IDENTITY_NOT_FOUND:
            case \Zend\Authentication\Result::FAILURE_CREDENTIAL_INVALID:
                return $result->getMessages();
                break;

            case \Zend\Authentication\Result::SUCCESS:
                $user = $authAdapter->getResultRowObject(null, 'password');
                $user->rolls = $this->getServiceLocator()->get('user_role_table')->getRoles($user->id);
                $authService->getStorage()->write($user);
                getSM()->get('session_manager')->rememberMe();
                return true;
                break;

            default:
                return 'Invalid Credential Provided !';
                break;
        }
    }

但该应用程序仍然不记得我。我在这里做错了什么???

1 个答案:

答案 0 :(得分:9)

编辑:哦,对,我现在记得。 remember_me_seconds用于服务器,但如果客户端删除cookie则不行。您应该同时使用cookie_lifetime和remember选项设置为适当的值。请尝试以下方法。

session' => array(
    'cookie_lifetime' => 2419200, //SEE ME
    'remember_me_seconds' => 2419200, //SEE ME
    'use_cookies' => true,
    'cookie_httponly' => true,
),

让我知道它是否有效。

忽略以下内容。

我认为remember_me选项不起作用。我看了一下ZF2代码,这里有一些迹象表明它没用。查找//SEE ME评论。

public function setStorageOption($storageName, $storageValue)
{
    $key = false;
    switch ($storageName) {
        // SEE ME
        case 'remember_me_seconds':
            // do nothing; not an INI option
            return;
        case 'url_rewriter_tags':
            $key = 'url_rewriter.tags';
            break;
        default:
            $key = 'session.' . $storageName;
            break;
    }

    $result = ini_set($key, $storageValue);
    if (FALSE === $result) {
        throw new \InvalidArgumentException("'" . $key .
                "' is not a valid sessions-related ini setting.");
    }
    return $this;
}


/**
 * Retrieve a storage option from a backend configuration store
 *
 * Used to retrieve default values from a backend configuration store.
 *
 * @param  string $storageOption
 * @return mixed
 */
public function getStorageOption($storageOption)
{
    switch ($storageOption) {
        // SEE ME
        case 'remember_me_seconds':
            // No remote storage option; just return the current value
            return $this->rememberMeSeconds;
        case 'url_rewriter_tags':
            return ini_get('url_rewriter.tags');
        // The following all need a transformation on the retrieved value;
        // however they use the same key naming scheme
        case 'use_cookies':
        case 'use_only_cookies':
        case 'use_trans_sid':
        case 'cookie_httponly':
            return (bool) ini_get('session.' . $storageOption);
        default:
            return ini_get('session.' . $storageOption);
    }
}