cakephp的授权

时间:2014-01-29 20:43:31

标签: php cakephp

我还在学习蛋糕。 我正在制作一个图库,所以每个页面都是公开的,我没有为用户开帐户,但是有一个管理员帐户可以发布我搜索过的照片/视频/作业但找不到与我的情况相符的内容。 这是我的 Appcontroller 

    <?php
App::uses('Controller', 'Controller');
class AppController extends Controller {

    public $components = array('Auth' => array(
                'loginAction' => array(
                    'controller' => 'admins',
                    'action' => 'login'
                ),
                'loginRedirect' => array(
                        'controller' => 'pages',
                        'action' => 'display','adminpanel'
                ),
                    'logoutRedirect' => array(
                        'controller' => 'pages',
                        'action' => 'display',
                        'home'
                ),
                'authError' => 'Did you really think you are allowed to see that?',
                'authenticate' => array(
                    'Form' => array(
                        'fields' => array('username' => 'Username','password'=>'password')
                    )
                )
            ),'DebugKit.Toolbar');

   public function  beforefilter(){
       $this->Auth->authenticate = array('Form');
   }
}
?>

这是我的AdminsController 

    <?php
App::uses('AppController', 'Controller');

class AdminsController extends AppController {


        public $uses='Admin';
        public $helpers = array('Html', 'Form', 'Session');
    public $components = array('Paginator','Session');


            //this can be changed later 
            //if the system has users and admins
        public function login()
        {
            $this->layout = 'login';
            if ($this->request->is('post')) 
            {
                if ($this->Auth->login()) 
                {
                    return $this->redirect($this->Auth->redirect());
                }
                $this->Session->setFlash(__('Invalid username or password, try again'));
            }
        }
}
?>

并且有admins / login.ctp 

<?php echo $this->Form->create('Admin',array('class'=>'form-signin')); ?>
        <h2 class="form-signin-heading"><?php echo __('Please sign in'); ?></h2>
        <?php echo $this->Form->input('Username',array('type'=>'text','placeholder'=>'Username','class'=>'form-control'));?>
        <?php echo $this->Form->input('password',array('type'=>'password','placeholder'=>'Password','class'=>'form-control'));?>
        <label class="checkbox">
          <input type="checkbox" value="remember-me"> Remember me
        </label>
        <?php echo $this->Form->end(array('value' => 'Sign in', 'class' => 'btn btn-lg btn-primary btn-block'));

现在,当我访问网站时,它会将我重定向到管理员登录,我不想这样做。 我只想将该网站视为公众查看者,如果我访问了网站/管理员或任何与管理员相关的页面,它可以重定向我

提前谢谢

2 个答案:

答案 0 :(得分:1)

This is well explained in the book, here

您必须告知auth组件在每个控制器中可以公开访问哪些操作:

public function beforeFilter() {
    parent::beforeFilter();
    $this->Auth->allow(array('index', 'view', '...')));
}

答案 1 :(得分:0)

在core.php中启用管理员前缀。

Configure::write('Routing.prefixes', array('admin'));

然后添加Auth组件。

相关问题
最新问题