所有用户现在都可以登录前端和后端
如何在后端设置限制和过滤登录?!
这是我在后端的main-local.php
'modules' => [
'user' => [
'class' => 'dektrium\user\Module',
'enableUnconfirmedLogin' => true,
'confirmWithin' => 21600,
'cost' => 12,
'controllerMap' => [
'admin' => 'backend\controllers\user\AdminController',
'profile' => 'backend\controllers\user\ProfileController',
'recovery' => 'backend\controllers\user\RecoveryController',
'registration' => 'backend\controllers\user\RegistrationController',
'security' => 'backend\controllers\user\SecurityController',
'settings' => 'backend\controllers\user\SettingsController',
],
'admins' => ['admin']
],
]
我只希望管理员能够进入后端
答案 0 :(得分:0)
您可以使用rbac并设置管理员角色,然后在控制器中:
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
//if actions not set, it applies to all actions.
//'actions' => ['index'],
'allow' => true,
//the 'admin' is your RBAC auth item.
'roles' => ['admin'],
],
],
],
];
}
有关RBAC的更多信息,请参阅RBAC doc。
您也可以通过添加IP地址
来设置控制器过滤器 //'192.168.*' matches all IP addresses in the segment '192.168.'. If this option is empty or not set, it means this rule applies to all IP addresses.
'ips'=> ['192.168.*'],
最后,如果要设置全局访问控制过滤器,只需检查链接即可 To do it globally without inheritance