我正在尝试用蛋糕2.4制作一个简单的登录应用程序。这是用户模型的代码。
App::uses('AuthComponent', 'Controller/Component');
class User extends AppModel
{
public $useTable = "user_master";
public $primaryKey = "user_id";
/*
public $validate = array(
'username' => array(
'required' => array(
'rule' => array('notEmpty'),
'message' => 'A username is required'
)
),
'password' => array(
'required' => array(
'rule' => array('notEmpty'),
'message' => 'A password is required'
)
));
*/
public function beforeSave($options = array())
{
if (isset($this->data[$this->alias]['password']))
{
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);
}
return true;
}
}
在我的UsersController代码中是..
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->authorize = 'controller';
}
public function isAuthorized() {
return true;
}
public function index() {
$this->User->recursive = 0;
$this->set('users', $this->paginate());
}
public function view($id = null) {
$this->User->id = $id;
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
$this->set('user', $this->User->read(null, $id));
}
public function add() {
if ($this->request->is('post')) {
$this->User->create();
if ($this->User->save($this->request->data)) {
$this->Session->setFlash(__('The user has been saved'));
return $this->redirect(array('action' => 'index'));
}
$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
}
}
public function edit($id = null) {
$this->User->id = $id;
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
if ($this->request->is('post') || $this->request->is('put')) {
if ($this->User->save($this->request->data)) {
$this->Session->setFlash(__('The user has been saved'));
return $this->redirect(array('action' => 'index'));
}
$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
} else {
$this->request->data = $this->User->read(null, $id);
unset($this->request->data['User']['password']);
}
}
public function delete($id = null) {
$this->request->onlyAllow('post');
$this->User->id = $id;
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
if ($this->User->delete()) {
$this->Session->setFlash(__('User deleted'));
return $this->redirect(array('action' => 'index'));
}
$this->Session->setFlash(__('User was not deleted'));
return $this->redirect(array('action' => 'index'));
}
public function login() {
if ($this->request->is('post')) {
//pr(AuthComponent::password($this->request->data[$this->alias]['password']));
//debug($this->Auth->login()); die();
if ($this->Auth->login()) {
$this->Session->setFlash(__('hi'));
return $this->redirect($this->Auth->redirect());
}
$this->Session->setFlash(__('Invalid username or password, try again'));
}
}
public function logout() {
$this->Session->destroy();
return $this->redirect($this->Auth->logout());
}
AppController代码
App::uses('Controller', 'Controller');
App::uses('AuthComponent', 'Component');
class AppController extends Controller {
public $components = array(
'DebugKit.Toolbar',
'Session',
'Auth' => array(
'loginRedirect' => array('controller' => 'products', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
'loginError' => 'Invalid account specified',
'authorize' => array('Controller')
)
);
public function beforeFilter() {
$this->Auth->allow('index', 'view');
}
login.ctp
<div class="users form">
<?php echo $this->Session->flash('auth'); ?>
<?php echo $this->Form->create('User'); ?>
<fieldset>
<legend><?php echo __('Please enter your username and password'); ?></legend>
<?php echo $this->Form->input('username');
echo $this->Form->input('password');
?>
</fieldset>
<?php echo $this->Form->end(__('Login')); ?>
</div>
现在的问题是每当我尝试使用错误的凭据登录时,它总是会重定向到产品控制器的索引页面。当我取消注释UsersController中的行时 调试($这 - &GT; Auth-&GT;登录());模具();
然后它总是显示所有用户名和密码都是真的。那么任何人都可以帮我找到我做错的地方吗?
提前致谢..
答案 0 :(得分:3)
public $components = array(
'loginAction' => array('controller'=>'Dashboard', 'action'=>'login'),
'loginRedirect' => array('contoller'=>'Dashboard', 'action'=>'login'),
'logoutRedirect' => array('controller'=>'Dashboard', 'action'=>'logout'),
'authenticate' => array(
'Form' => array(
'userModel' => 'User',
'fields' => array(
'username' => 'email',
'password'=>'password')
)
)
)
);
答案 1 :(得分:0)
假设你的create.ctp是正确的,你的代码看起来很接近我的。我建议使用blowfish加密。
if (isset($this->data['User']['password'])) {
$hash = Security::hash($this->data['User']['password'], 'blowfish');
$this->data['User']['password'] = $hash;
}
还可以尝试在appcontroller中的beforeFilter中设置Auth设置,而不是$ components变量。如果我没记错的话,我也无法以这种方式工作。
public function beforeFilter() {
$this->Auth->authorize = array('Controller');
$this->Auth->authenticate = array(
'Blowfish' => array(
'userModel' => 'User',
'fields' => array('username' => 'username', 'password' => 'password')
)
);
}