我有2个管理员角色(超级,管理员),在首次登录时,一切正常但在注销后以不同的管理员身份登录后,它会重定向到超级前缀。
这是我的app控制器:
class AppController extends Controller {
# View helpers made available to every controller that extends this one.
public $helpers = array('Js', 'Session');

# Components loaded for every controller; the 'Auth' entry carries the
# whole login / redirect / authorization configuration.
public $components = array(
    'Session',
    'RequestHandler',
    # NOTE(review): the debug toolbar component is loaded unconditionally
    # here - confirm it cannot render outside a development environment.
    'DebugKit.Toolbar',
    'Auth' => array(
        'autoRedirect' => false,
        # The login form lives on the un-prefixed users/login route, so both
        # prefix flags are switched off explicitly.
        'loginAction' => array(
            'admin' => false,
            'super' => false,
            'controller' => 'users',
            'action' => 'login',
        ),
        # Default landing page after login. Both prefix flags are true on the
        # same URL array. NOTE(review): which prefixed route this resolves to
        # is decided by the Router and is not visible here - confirm it matches
        # the role that just logged in. AuthComponent documents that this value
        # is ignored when the session already holds an Auth.redirect entry.
        'loginRedirect' => array(
            'controller' => 'users',
            'action' => 'dashboard',
            'admin' => true,
            'super' => true,
        ),
        # After logout the user goes back to the un-prefixed login form.
        'logoutRedirect' => array(
            'admin' => false,
            'super' => false,
            'controller' => 'users',
            'action' => 'login',
        ),
        'authError' => 'Please login to continue.',
        'flash' => array(
            'element' => 'flash/default',
            'key' => 'auth',
            'params' => array(
                'class' => 'error',
                'title' => 'Authentication Error',
            ),
        ),
        # Authorization is delegated to isAuthorized() on the controller.
        'authorize' => 'Controller',
        # Form login against the User model, with the email field acting as
        # the username.
        'authenticate' => array(
            'Form' => array(
                'userModel' => 'User',
                'fields' => array(
                    'username' => 'email',
                ),
            ),
        ),
    ),
);
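/**
 * Authorization callback used by AuthComponent ('authorize' => 'Controller').
 *
 * Decides whether the authenticated user may run the current request, based
 * on the 'admin' and 'super' entries of the user record and on the routing
 * prefix of the request. Sets Auth->authError to a prefix-specific message
 * when access is refused.
 *
 * @param array $user Authenticated user record; 'admin' and 'super' are read
 *                    as role flags. A missing flag is treated as "not set".
 * @return bool True when the request may proceed, false otherwise.
 */
public function isAuthorized($user) {
    # empty() has the same truthiness as the original bare checks but does not
    # raise a notice when the key is absent, and gives a strict boolean.
    $isAdmin = !empty($user['admin']);
    $isSuper = !empty($user['super']);

    # Accept if Admin
    # NOTE(review): this runs before the prefix check, so the admin flag also
    # opens the 'super' prefix - confirm that is the intended hierarchy.
    if ($isAdmin) {
        return true;
    }

    if (!isset($this->request->prefix)) {
        # NOTE(review): un-prefixed actions are allowed for every authenticated
        # user, whatever their role flags - confirm no sensitive action is
        # routed without a prefix.
        $this->layout = 'super_layout';
        return true;
    }

    switch ($this->request->prefix) {
        case 'super':
            if (!$isSuper) {
                $this->Auth->authError = 'Sorry, you do not have permission to access the Manager\'s area';
            }
            return $isSuper;
        case 'admin':
            # Admins already returned above, so anyone reaching this case is
            # not an admin and is always refused.
            $this->Auth->authError = 'Sorry, you do not have permission to access the Administrators\'s area';
            return false;
    }

    # Deny by default: any other prefix is refused.
    $this->Auth->authError = 'Sorry, you do not have permission to access the Admin area';
    return false;
}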
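/**
 * Controller callback: publishes the application settings to the controller
 * and the view, silences the auth error for anonymous visitors and selects
 * the layout that matches the routing prefix.
 *
 * PHP method names are case-insensitive, so this overrides
 * Controller::beforeFilter() despite the lower-case spelling.
 *
 * @return void
 */
public function beforefilter(){
    # Read the settings once and share the same value with controller and view.
    $settings = Configure::read('appSettings');
    $this->appSettings = $settings;
    $this->set('appSettings', $settings);

    # No auth error message is shown to visitors who are not logged in.
    if (!$this->Auth->loggedIn()) {
        $this->Auth->authError = false;
    }

    # Layout selection only; access control for the prefix is decided in
    # isAuthorized(), not here.
    if (isset($this->request->prefix)) {
        switch ($this->request->prefix) {
            case 'admin':
                $this->layout = 'admin_layout';
                break;
            case 'super':
                $this->layout = 'super_layout';
                break;
        }
    }
}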
答案 0 :(得分:0)
属性 AuthComponent::$loginRedirect
用户登录后应被重定向到的控制器操作的URL(定义为字符串或数组)。如果用户的会话中存在Auth.redirect值,则此值将被忽略。
如果您先尝试访问domain.com/super/,然后以管理员身份登录,CakePHP将忽略$loginRedirect属性,并在您登录后尝试将您重定向到domain.com/super/,也就是您最初试图访问的链接。