Question

我有一个名为＆＃34; Backend＆＃34;在这个模块中，我想检查除backend_login页面之外的所有页面上的有效身份验证。我该怎么做呢？我试图将它添加到Backend / Module.php中的onBootstrap，但事实证明它在我的其他模块中也被调用了......这当然不是我想要的。

那我该怎么做？

提前致谢！

Answer 1

要获得有关zf2身份验证的明确信息，您可以遵循： ZF2 authentication

adapter auth
数据库表身份验证
LDAP auth

digest auth .... 这些都是不同的方法，这里是数据库表auth的一个例子： 在每个控制器的动作中，你需要用户认证的东西应该是这样的：

use Zend\Authentication\Result;
use Zend\Authentication\AuthenticationService;
use Zend\Authentication\Adapter\AdapterInterface;
use Zend\Db\Adapter\Adapter as DbAdapter;
use Zend\Authentication\Adapter\DbTable as AuthAdapter;

public function login($credential)
{   
   $bcrypt = new Bcrypt();
   $user   = new User();
   $auth = new AuthenticationService();

   $user->exchangeArray($credential);

   $password    = $user->password;
   $data        = $this->getUserTable()->selectUser($user->username);

   if (!$data){
    $message = 'Username or password is not correct!';
   } 
   elseif($auth->getIdentity() == $user->username){
     $message = 'You have already logged in';
   }
   elseif($bcrypt->verify($password, $data->password)){

        $sm          = $this->getServiceLocator();
        $dbAdapter   = $sm->get('Zend\Db\Adapter\Adapter');
        $authAdapter = new AuthAdapter(
                $dbAdapter,
                'user',
                'username',
                'password'
        );
        $authAdapter -> setIdentity($user->username) -> setCredential($data->password);

        $result = $auth->authenticate($authAdapter);

        $message = "Login succesfull.Welcome ".$result->getIdentity();


    } else {
        $message =  'Username or password is not correct';
    }


return new ViewModel(array("message" =>$message));
}

在每个操作中都可以这样检查是否经过身份验证

if($auth -> hasIdentity()){

        //your stuff
}
else{
        //redirected to your login route;
    }

Answer 2

我曾遇到类似的问题，并在onBootstrap()函数的Module.php中找到了它。试试这个，它对我有用：

    class Module {

    // white list to access with being non-authenticated
    //the list may contain action names, controller names as well as route names
    protected $whitelist = array('login');

         //....

    public function onBootstrap($e){
        $app = $e->getApplication();
        $em  = $app->getEventManager();
        $sm  = $app->getServiceManager();

        $list = $this->whitelist;
        $auth = new AuthenticationService();

        $em->attach(MvcEvent::EVENT_ROUTE, function($e) use ($list, $auth) {
            $match = $e->getRouteMatch();

            // No route match, this is a 404
            if (!$match instanceof RouteMatch) {
                return;
            }

            // Route is whitelisted
           $action = $match->getParam('action');
            if (in_array($action, $list) ) {
                return;
            }

            // User is authenticated
                if ($auth->hasIdentity()){
                    return;
                }

            // the user isn't authenticated
            // redirect to the user login page, as an example
            $router   = $e->getRouter();
            $url      = $router->assemble(array(
                    'controller' => 'auth',
                    'action'=>'login'

            ), array(
                'name' => 'route_name',

            ));

            $response = $e->getResponse();
            $response->getHeaders()->addHeaderLine('Location', $url);
            $response->setStatusCode(302);

            return $response;
        }, -100);
    }
}

或者您可能会看到bjyauthorize。

希望它可以提供帮助。

ZF2 - init或在每个模块控制器中调用的东西

2 个答案: