用户身份验证无需身份验证即可登

时间:2013-06-17 06:06:11

标签: cakephp-2.0

我正在尝试在cakephp中进行简单的“用户身份验证”。我编写了烹饪书中给出的代码,但我的登录功能无法正常工作。 它不进行任何身份验证并允许任何用户访问或编辑数据,即使提供空白的用户名和密码,也允许我登录。我在Appcontroller.php中编写了以下代码

<?php
class AppController extends Controller {

public $components = array(
        'Session',
        'Auth' => array(
         'loginRedirect' => array('controller' => 'users','action' => 'index'),
         'logoutRedirect' => array('controller' => 'users','action' => 'login')
        )
    );
   public function beforeFilter() {
       $this->layout = 'admin_layout';
       $this->Auth->allow('index','view'); 

        }

UsersController.php 

    <?php

    App::uses('AppController', 'Controller');
    App::uses('AuthComponent', 'Controller/Component');

    class UsersController extends AppController {


        public function login() 
            {

                if($this->request->is('post')) {
                    if ($this->Auth->login()) {
                        if($this->Auth->login());
                       $this->redirect($this->Auth->redirect());
                    } else {
                        $this->Session->setFlash(__('Invalid username or password, try again'));
                    }

            }}
            public function logout() {
        $this->redirect($this->Auth->logout());
        }

Login.ctp is as follows



 <?php echo $this->Html->css('login');?>
    <div class="logincontainer">

    <div class="loginform">
    <div class="img">
    </div>


    <?php echo $this->Form->create('User'); ?>
    <div id="input">
    <div id="username">
      <?php // echo $this->Form->input('username');?>

     <?php echo $this->Form->input('username',array('class'=>'name','placeholder'=>'username','label'=>false));?>
    </div>
    <div id="space">
    </div>
    <div id="password">
        <?php //     echo $this->Form->input('password');?> 
    <?php echo $this->Form->input('password',array('class'=>'name','placeholder'=>'password','label'=>false));?>
    </div>
        <div id="space1"></div>
    <?php echo $this->Form->end('Login'); ?>

        <div id="forgot">Forgot Password

            </div>
    </div>
        <?php // echo $this->Session->flash();?>
    </div>
    </div>

有人可以指导我错在哪里..

1 个答案:

答案 0 :(得分:0)

我认为你没有登录但是重定向到索引操作并且您认为登录因为您的loginRedirect选项是索引操作而您在beforeFilter中允许此操作

$this->Auth->allow('index','view');

请添加:

debug($this->Auth->login());
debug($this->request->data);
die();

之前:

if ($this->Auth->login()) {
    if($this->Auth->login());
    $this->redirect($this->Auth->redirect());
} else {
     $this->Session->setFlash(__('Invalid username or password, try again'));
}

调试结果($ this-&gt; Auth-&gt; login());如果输入错误的用户或密码,则应为false

相关问题
最新问题