我不希望我的用户在登录后能够访问登录页面。他们必须先注销才能登录。这看起来很简单,我不能正确理解
class UsersController extends AppController {
public function isAuthorized($user) {
if( $this->Auth->login() ){
return false;
} else {
return true;
}
}
public function login() {
if ($this->request->is('post')) {
if ($this->Auth->login()) {
return $this->redirect($this->Auth->redirectUrl());
} else {
$this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
}
}
}
答案 0 :(得分:1)
还有注册或丢失密码等操作。
基本上您只需检查列入黑名单的控制器/操作并重定向到主屏幕或相应地登录重定向
// Do not allow access to these public actions when already logged in
$allowed = array('Account' => array('login', 'lost_password', 'register'));
foreach ($allowed as $controller => $actions) {
if ($this->name === $controller && in_array($this->request->action, $actions)) {
$this->Common->flashMessage('The page you tried to access is not relevant if you are already logged in. Redirected to main page.', 'info');
return $this->redirect($this->Auth->loginRedirect);
}
}
请参阅 https://github.com/dereuromark/cakefest/blob/master/Controller/AppController.php#L66
答案 1 :(得分:0)
我使用了laravel,在这种情况下,我的login路由filter就是这样。
Route::get('login', array('before' => 'guest', "uses" => "SessionController@create"));
guest是过滤器的名称,定义为return !Auth::check();
对于CakePHP,我认为它非常相似。根据您当前用户的身份验证情况,寻找一种可以过滤路线的方法。