我正在学习cakePHP 3申请实习,我现在正在学习Official cookbook from cakePHP.org的教程,但我讨厌这本书。这很令人困惑。
无论如何,我做了Bookmarker示例的步骤并且它有点工作,我做了所有事情,正如本书告诉我做的那样直到登录和退出部分,但当我尝试从系统注销时,它告诉我“您无权访问该位置。”
如果您需要我的项目中的任何更多代码,请告诉我。
要注销,我将使用以下代码指导用户,该代码会生成指向server/users/logout的超链接:
<?= $this->Html->link(__('Log out'), ['controller' => 'Users', 'action' => 'logout']) ?>
/rootOfProject/src/Controller/AppController.php:
namespace App\Controller;
use Cake\Controller\Controller;
class AppController extends Controller {
public function initialize() {
$this->loadComponent('Flash');
$this->loadComponent('Auth', [
'authenticate' => [
'Form' => [
'fields' => [
'username' => 'email',
'password' => 'password'
]
]
],
'unauthorizedRedirect' => [
'controller' => 'Users',
'action' => 'login'
],
'authorize' => 'Controller'
]);
$this->Auth->allow(['display']);
}
public function isAuthorized($user) {
return false;
}
}
/rootOfProject/src/Controller/UsersController.php:
namespace App\Controller;
use App\Controller\AppController;
class UsersController extends AppController {
public function index() {
$this->set('users', $this->paginate($this->Users));
}
public function view($id = null) {
$user = $this->Users->get($id, [
'contain' => ['Bookmarks']
]);
$this->set('user', $user);
}
public function add() {
$user = $this->Users->newEntity($this->request->data);
if ($this->request->is('post')) {
if ($this->Users->save($user)) {
$this->Flash->success('The user has been saved.');
return $this->redirect(['action' => 'index']);
} else {
$this->Flash->error('The user could not be saved. Please, try again.');
}
}
$this->set(compact('user'));
}
public function edit($id = null) {
$user = $this->Users->get($id, [
'contain' => []
]);
if ($this->request->is(['patch', 'post', 'put'])) {
$user = $this->Users->patchEntity($user, $this->request->data);
if ($this->Users->save($user)) {
$this->Flash->success('The user has been saved.');
return $this->redirect(['action' => 'index']);
} else {
$this->Flash->error('The user could not be saved. Please, try again.');
}
}
$this->set(compact('user'));
}
public function delete($id = null) {
$user = $this->Users->get($id);
$this->request->allowMethod(['post', 'delete']);
if ($this->Users->delete($user)) {
$this->Flash->success('The user has been deleted.');
} else {
$this->Flash->error('The user could not be deleted. Please, try again.');
}
return $this->redirect(['action' => 'index']);
}
public function login() {
if ($this->request->is('post')) {
$user = $this->Auth->identify();
if ($user) {
$this->Auth->setUser($user);
return $this->redirect($this->Auth->redirectUrl());
}
$this->Flash->error('Your username or password is incorrect.');
}
}
public function logout() {
$this->Flash->success('You are now logged out.');
return $this->redirect($this->Auth->logout());
}
public function beforeFilter(\Cake\Event\Event $event) {
$this->Auth->allow(['add']);
}
}
答案 0 :(得分:2)
您拒绝所有使用isAuthorized()回调但仅返回false的用户访问。因此,只有明确允许的操作($this->Auth->allow())以及隐式允许的登录操作才可访问。
如果您不想实施任何授权(身份验证!=授权)检查,请从控制器中删除回调以及身份验证组件配置中的authorize选项。
有关授权的详情,请参阅 http://book.cakephp.org/3.0/en/controllers/components/authentication.html#authorization 。
答案 1 :(得分:0)
在AppController中添加以下内容:
<?php
public function isAuthorized($user)
{
$action = $this->request->params['action'];
// The add and index actions are always allowed.
if (in_array($action, ['logout'])) {
return true;
}else{
return false;
}
}
?>