我一直在与Auth合作几天,我认为它工作正常,但它似乎允许任何用户名或密码。我正在使用自定义模型(Employee)和自定义字段(用户名=> employee_id)。
该页面始终返回“good!”
AppController的
class AppController extends Controller {
public $components = array(
'Session',
'Auth' => array(
'flashElement' => 'login_error',
'loginAction' => array(
'controller' => 'Employees',
'action' => 'index',
),
'authenticate' => array(
'all' => array('userModel' => 'Employee'),
'Form' => array(
'userModel' => 'Employee',
'fields' => array(
'username' => 'employee_id',
'password' => 'password',
)
)
)
),
);
public $uses = array(
'ProgramApplication',
'Employee'
);
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->fields = array(
'username' => 'employee_id',
'password' => 'password'
);
EmployeesController
public function index() {
//Set layout to login
$this->layout = 'login';
$this->request->data['Employee']['password'] = md5($this->request->data['Employee']['password'].$salt);
//if already logged-in, redirect
if($this->Session->check('Auth.User')){
return $this->redirect(
array('controller' => 'Search', 'action' => 'index'));
}
print_r($this->request->data);
if ($this->request->is('post')) {
if ($this->Auth->login($this->request->data)) {
echo "good!";
//$this->redirect($this->Auth->redirect());
} else {
echo "no good";
$this->Session->setFlash(__('Invalid username or password, try again'));
}
}
Index.ctp
<form id='Employee' role="form" action='' method="post">
<div id='username' class="form-group">
<input type="username" name='data[Employee][username]' id='EmployeeUsername' onblur="checkUsername()" class="form-control" placeholder="username">
</div>
<br>
<div class="form-group">
<input type="password" name='data[Employee][password]' class="form-control" id="EmployeePassword" placeholder="Password">
<a href=""<?php echo EWConfig::$URL?>/ExpressWay/Employees/passwordReset"">Forgot password?</a>
<br>
<button type="submit" class="btn btn-default">Login</button>
</div>
</form>
答案 0 :(得分:3)