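CakePHP admin routing prefix does not redirect to the correct prefix after login

Time: 2014-07-09 08:46:04

Tags: php cakephp

I have 2 admin roles (super, admin). On the first login everything works fine, but after logging out and logging in as a different admin, it redirects to the super prefix.

This is my app controller: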

class AppController extends Controller {
public $helpers = array('Js', 'Session');
public $components = array(
    'Session',
    'RequestHandler',
    'DebugKit.Toolbar',
    'Auth' => array(
        'autoRedirect' => false,
        'loginAction' => array(
            'admin' => false,
            'super' => false,
            'controller' => 'users',
            'action' => 'login'
        ),
        'loginRedirect' => array(
            'controller' => 'users',
            'action' => 'dashboard',
            'admin'=> true,
            'super'=> true
        ),
        'logoutRedirect' => array(
            'admin' => false,
            'super' => false,
            'controller' => 'users',
            'action' => 'login'
        ),
        'authError' => 'Please login to continue.',
        'flash' => array('element' => 'flash/default', 'key' => 'auth', 'params' => array('class' => 'error', 'title' => 'Authentication Error')),
        'authorize' => 'Controller',
        'authenticate' => array(
            'Form' => array(
                'userModel' => 'User',
                'fields' => array(
                    'username' => 'email'
                    ),
            )
        ),
    )
);

public function isAuthorized($user) {
    # Accept if Admin
    if($user['admin']){
        return true;
    }

    # Check if current prefix is admin or physician and authenticate user
    if(isset($this->request->prefix)) {
        switch ($this->request->prefix) {
            case 'super':
                if(!$user['super']){
                    $this->Auth->authError = 'Sorry, you do not have permission to access the Manager\'s area';
                }
                return $user['super'];
                break;
            case 'admin':
                if(!$user['admin']){
                    $this->Auth->authError = 'Sorry, you do not have permission to access the Administrators\'s area';
                }else{
                    $this->layout = 'admin_layout';
                }
                return $user['admin'];
                break;
        }
    }else{
        $this->layout = 'super_layout';
        return true;
    }

    $this->Auth->authError = 'Sorry, you do not have permission to access the Admin area';
    return false;
}

public function beforeFilter(){
    $this->appSettings = Configure::read('appSettings');
    $this->set('appSettings',  Configure::read('appSettings'));

    if (!$this->Auth->loggedIn()) {
        $this->Auth->authError = false;
    }

    if(isset($this->request->prefix)) {
        switch ($this->request->prefix) {
            case 'admin':
                $this->layout = 'admin_layout';
                $admin = true;
                break;
            case 'super':
                $this->layout = 'super_layout';
                $super = true;
                break;
        }
    }

}
}

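1 answer:

Answer 0: (score: 0)

Property AuthComponent::$loginRedirect

The URL (defined as a string or array) to the controller action users should be redirected to after logging in. This value will be ignored if the user has an Auth.redirect value in their session.

If you try to access domain.com/super/ and then log in as admin, Cake will ignore the $loginRedirect property, and after you log in it will try to redirect you to domain.com/super/, which is the link you originally tried to access.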
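The behaviour described in the answer can be handled by checking the stored `Auth.redirect` value against the role of the user who just logged in. The following is an added example, not code from the question or the answer; the function name `chooseLoginRedirect`, the dashboard paths, and the rule that each role owns exactly one prefix are assumptions.

```php
<?php
// Added example (hypothetical helper, not part of CakePHP or the original post).
// Role keys 'super' and 'admin' follow the question; dashboard paths are assumed.

/**
 * Pick the post-login URL. $stored is the value kept in the session under
 * Auth.redirect (the page the visitor requested before logging in).
 */
function chooseLoginRedirect(array $user, $stored)
{
    // Assumption: each role owns exactly one routing prefix.
    $prefix = !empty($user['super']) ? 'super' : (!empty($user['admin']) ? 'admin' : null);
    if ($prefix === null) {
        return '/users/login';
    }
    $fallback = '/' . $prefix . '/users/dashboard';

    if (!is_string($stored) || $stored === '') {
        return $fallback;
    }
    // Same-site paths only: reject absolute URLs, "//host" forms and backslashes.
    if ($stored[0] !== '/' || strpos($stored, '//') !== false || strpos($stored, '\\') !== false) {
        return $fallback;
    }
    // Honour the stored URL only when its first path segment is the user's own prefix.
    $path = (string) parse_url($stored, PHP_URL_PATH);
    $segments = explode('/', trim($path, '/'));
    return ($segments[0] === $prefix) ? $stored : $fallback;
}

// Constructed sample input: an earlier visit left /super/... in Auth.redirect,
// then a user with a different role logs in from the same browser session.
$admin = array('email' => 'a@example.test', 'admin' => true, 'super' => false);
$super = array('email' => 's@example.test', 'admin' => false, 'super' => true);

echo chooseLoginRedirect($admin, '/super/users/dashboard'), "\n"; // stale prefix from other role
echo chooseLoginRedirect($super, '/super/reports/index'), "\n";   // matches own prefix
echo chooseLoginRedirect($admin, '//example.test/admin/'), "\n";   // off-site target
echo chooseLoginRedirect($admin, null), "\n";                      // nothing stored

// Wiring in a CakePHP 2.x login action, after $this->Auth->login() succeeds:
//   $url = chooseLoginRedirect($this->Auth->user(), $this->Session->read('Auth.redirect'));
//   $this->Session->delete('Auth.redirect');
//   return $this->redirect($url);
```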