我是Cakephp的新手,我试图解决它。 我正在构建一个简单的身份验证系统(登录/注销)。 我正在使用Cakephp内置AuthCommponent。
表:
USERS:id | name | surname | username | password | role
角色=管理员/客户端。
我已经构建了登录和注销脚本并且工作正常。 我想要实现的逻辑是:
一个用户(客户端)只能查看/编辑/删除自己。 管理员可以编辑/查看/删除所有人。
所以我有构建/
应用/控制器/ AppController的
<?php
App::uses('Controller', 'Controller');
class AppController extends Controller {
public $helpers = array(
'Html',
'Form',
'Session',
'Js'
);
public $components = array(
'DebugKit.Toolbar',
'Acl',
'Cookie',
'Session',
'Security',
'Auth' => array(
'loginAction' => array('controller' => 'users', 'action' => 'login'),
'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
'authError' => 'Youd dont have permission for that action.',
'loginError' => 'Invalid Username or Password entered, please try again.',
'authorize'=>array('Controller'),
)
);
/*****************************************************
* AUTHORIZATION
******************************************************/
public function isAuthorized($user = null) {
if (isset($user['role']) && ($user['role'] === 'admin'))
{
return true;
}
//default deny
return false;
}
/*****************************************************
* BEFORE FILTER FUNCTION
******************************************************/
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('display');
$this->set('logged_in', $this->Auth->loggedIn());
$this->set('current_user', $this->Auth->user());
if (!$this->Auth->loggedIn()) {
$this->Auth->authError = "You must be logged in to view this page!";
}
}
}
?>
用户模型如下:
应用/型号/用户
<?php
App::uses('AppModel', 'Model');
class User extends AppModel {
/**
* Display field
*
* @var string
*/
public $displayField = 'name';
/**
* Validation rules
*
* @var array
*/
public $validate = array(
'id' => array(
'blank' => array(
'rule' => 'blank',
'on' => 'create',
),
),
'name' => array(
'maxLength' => array(
'rule' => array('maxLength', 50),
'message' => 'Il nome utente non può superare i 50 caratteri.',
),
'notEmpty' => array(
'rule' => array('notEmpty'),
'message' => 'Il nome utente non può essere vuoto.',
'allowEmpty' => false
),
),
'surname' => array(
'maxLength' => array(
'rule' => array('maxLength', 50),
'message' => 'Il nome utente non può superare i 50 caratteri.',
),
'notEmpty' => array(
'rule' => array('notEmpty'),
'message' => 'Il nome utente non può essere vuoto.',
'allowEmpty' => false
),
),
'username' => array(
'maxLength' => array(
'rule' => array('maxLength' , 50),
'message' => 'Username non può superare i 50 caratteri.',
),
'notEmpty' => array(
'rule' => array('notEmpty'),
'message' => 'Username non può essere vuoto.',
'allowEmpty' => false
),
'isUnique' => array(
'rule' => 'isUnique',
'message' => 'Questo utente già esiste.',
),
),
'password' => array(
'notEmpty' => array(
'rule' => array('notEmpty'),
'message' => 'Password can\'t be empty',
),
'minLength' => array(
'rule' => array('minLength',5),
'message' => 'Password should be more then 5 characters long',
),
'matchPasswords'=>array(
'rule'=>'matchPasswords',
'message'=>'La password non corrisponde!'
),
),
'confirm_password'=>array(
'notEmpty'=>array(
'rule'=> array('notEmpty'),
'message'=>'Confermare la password.'
),
),
'role' => array(
'notEmpty' => array(
'rule' => array('notEmpty'),
'message' => 'Non deve essere vuoto.',
),
'words' => array(
'rule' => array('custom', '/[0-9A-Za-z\._-]/'),
'message' => 'Username può contenere solo lettere, numeri e spazi.',
),
'valid' => array(
'rule' => array('inList', array('admin', 'client')),
'message' => 'Inserire un valido ruolo!',
'allowEmpty' => false,
),
),
);
/*****************************************************
* CHECK IF USER TYPES CORRECT THE PASSWORD - REGISTER
******************************************************/
public function matchPasswords($data) {
if ($data['password'] == $this->data['User']['confirm_password']) {
return true;
}
$this->invalidate('confirm_password', 'La password non corrisponde!');
return false;
}
/*****************************************************
* BEFORE SAVE
******************************************************/
// this is a Global variablke that im gonna use it inside my function
public function beforeSave($options = array()) {
// Adding new user
if (isset($this->data[$this->alias]['password'])) {
//[$this->alias] is instead of ['User']
$this->data[$this->alias]['password'] = AuthComponent::password($this->data[$this->alias]['password']);
}
return true;
}
}
?>
UserController:
应用/控制器/ UsersController
<?php
App::uses('AppController', 'Controller');
class UsersController extends AppController {
public $uses = array('User');
public $helpers = array('Html', 'Form');
public $components = array('Paginator');
/**
* beforeFilter method
* @return void
*/
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('add','login','logout');
$this->Auth->autoRedirect = false;
}
/**
* user authorization method
* @return void
*/
public function isAuthorized($user = null) {
if ($this->action === 'index') {
return true;
}
// All registered users can add posts
if ($this->action === 'add') {
return true;
}
// The owner of a post can edit and delete it
if (in_array($this->action, array('view','edit', 'delete'))) {
// debug($this->request->params['pass']);
$user_id =(int)$this->request->params['pass'][0];
$logged_in_user = (int)$user['id'];
if ($user_id === $logged_in_user) {
return true;
}
}
return parent::isAuthorized($user);
}
/**
* login method
* @return void
*/
public function login() {
if ($this->Session->read('Auth.User')) {
$this->Session->setFlash('You are allredy logged in!');
return $this->redirect($this->Auth->redirectUrl());
}
if ($this->request->is('post')) {
if ($this->Auth->login()) {
$this->Session->setFlash(__('You Have Been Logged in.'));
return $this->redirect($this->Auth->redirectUrl());
} else {
$this->Session->setFlash(__('Invalid username/email - Password Combination.'));
}
}
}
/**
* logout method
* @return void
*/
public function logout() {
$this->Auth->logout();
$this->redirect($this->Auth->redirectUrl());
}
/**
* index method
* @return void
*/
public function index() {
$this->User->recursive = 0;
$this->set('users', $this->Paginator->paginate());
}
/**
* view method
* @throws NotFoundException
* @param string $id
* @return void
*/
public function view($id = null) {
// debug($this->params['action']);
if (!$this->User->exists($id)) {
throw new NotFoundException(__('Invalid user'));
}
$options = array('conditions' => array('User.' . $this->User->primaryKey => $id));
$this->set('user', $this->User->find('first', $options));
}
/**
* add method
* @return void
*/
public function add() {
if ($this->Session->read('Auth.User')) {
$this->Session->setFlash('You are allredy Have an Account!');
return $this->redirect($this->Auth->redirectUrl());
}
if ($this->request->is('post')) {
$this->User->create();
if ($this->User->validates()) {
if ($this->User->save($this->request->data)) {
$this->Session->setFlash(__('The user has been saved.'));
return $this->redirect(array('action' => 'index'));
} else {
$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
}
}
}
}
/**
* edit method
* @throws NotFoundException
* @param string $id
* @return void
*/
public function edit($id = null) {
if (!$this->User->exists($id)) {
throw new NotFoundException(__('Invalid user'));
}
if ($this->request->is(array('post', 'put'))) {
if ($this->User->save($this->request->data)) {
$this->Session->setFlash(__('The user has been saved.'));
return $this->redirect(array('action' => 'index'));
} else {
$this->Session->setFlash(__('The user could not be saved. Please, try again.'));
}
} else {
$options = array('conditions' => array('User.' . $this->User->primaryKey => $id));
$this->request->data = $this->User->find('first', $options);
}
}
/**
* delete method
* @throws NotFoundException
* @param string $id
* @return void
*/
public function delete($id = null) {
$this->User->id = $id;
if (!$this->User->exists()) {
throw new NotFoundException(__('Invalid user'));
}
$this->request->allowMethod('post', 'delete');
if ($this->User->delete()) {
$this->Session->setFlash(__('The user has been deleted.'));
} else {
$this->Session->setFlash(__('The user could not be deleted. Please, try again.'));
}
return $this->redirect(array('action' => 'index'));
}
}
?>
=&GT;我有两个用户注册。 1)管理员,2)客户。
a)当我以管理员身份登录时,工作正常, b)当我作为客户端登录并尝试查看/编辑/删除自己的工作完美时,但是当我尝试编辑另一个用户时,它拒绝该操作(正如它所假设的那样),但是当它重定向时它不会重定向到索引页面,但应用程序根文件夹,生成和错误。
我有一个名为cakeaproject的文件夹,其中我的应用程序是lyes。
http://localhost/cakeaproject/users/
并且authError重定向到:
http://localhost/cakeaproject/cakeaproject/users/
Missing Controller
Error: CakeappprojectsController could not be found.
Error: Create the class CakeaprojectController below in file: app\Controller\ CakeaprojectController.php
<?php
class CakeaprojectController extends AppController {
}
我的routing.php文件如下:
应用/配置/ routes.php文件
Router::connect('/', array('controller' => 'users', 'action' => 'index','home'));
Router::connect('/login', array('controller' => 'users', 'action' => 'login'));
Router::connect('/register', array('controller' => 'users', 'action' => 'add'));
Router::connect('/pages/*', array('controller' => 'pages', 'action' => 'display'));
CakePlugin::routes();
require CAKE . 'Config' . DS . 'routes.php';
?>
最好的部分是在Moxilla / Safari(用于桌面)/ Tourch上工作正常 在Chrome / SeaMonkey / IE上有问题。
答案 0 :(得分:1)
我会将它放在afterRender()中的Users控制器中;过滤器如:
所以:
应用/控制器/ UsersController.php
public function beforeRender() {
parent::beforeRender();
$this->Auth->unauthorizedRedirect = array('controller'=>'users','action'=>'index');
}
答案 1 :(得分:0)
要修改unauthorizeRedirect,请参阅:http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html#AuthComponent :: $ unauthorizedRedirect
在您的控制器中
'Auth' => array(
'loginAction' => array('controller' => 'users', 'action' => 'login'),
'loginRedirect' => array('controller' => 'users', 'action' => 'index'),
'logoutRedirect' => array('controller' => 'users', 'action' => 'login'),
'authError' => 'Youd dont have permission for that action.',
'loginError' => 'Invalid Username or Password entered, please try again.',
'authorize'=>array('Controller'),.
'unauthorizedRedirect'=>array('controller'=>'yours','action'=>'...')
)