我正在尝试在Cakephp3中实现摘要身份验证。在执行$ this-> Auth-> identify()
时,我不断得到“ false”我已经阅读了https://book.cakephp.org/3.0/en/controllers/components/authentication.html#using-digest-authentication,并且它与Basic Auth兼容(下面的代码中未包含)。
用户名为“ land.com”,密码为“ 1”。我有一个名为“ digest_hash”的必要列,其值为“ 93476ce5943ff6f42d37edd98ef034e5”的数据库设置。 Database-image
我的设置正确吗?我是否还缺少其他步骤?
使用POSTMAN发送,cakephp接收摘要标题,如下所示: Postman-image
'Authorization' => [
(int) 0 => 'Digest username="land.com", realm="test", nonce="random", uri="/users/mlogin", qop=auth, nc=, cnonce="", response="52cca0984c1c9e4547d1e01d9ef2a22e", opaque="nochange"'
],
AppController.php
<?php
namespace App\Controller;
use Cake\Controller\Controller;
use Cake\Event\Event;
class AppController extends Controller
{
public function initialize()
{
parent::initialize();
$this->loadComponent('RequestHandler', [
'enableBeforeRedirect' => false,
]);
$this->loadComponent('Flash');
$this->loadComponent('Auth', [
'authenticate' => [
'Digest' => [
'fields' => ['username' => 'username', 'password' => 'digest_hash'],
'userModel' => 'Users',
'realm' => 'test',
'nonce' => 'nonce',
// 'qop' => 'auth',
'opaque' => 'nochange',
],
],
'storage' => 'Memory',
'unauthorizedRedirect' => false
]);
}
}
UsersTable.php
<?php
namespace App\Model\Table;
use Cake\Auth\DigestAuthenticate;
use Cake\Event\Event;
use Cake\ORM\Table;
class UsersTable extends Table
{
public function beforeSave(Event $event)
{
$entity = $event->getData('entity');
// Make a password for digest auth.
$entity->digest_hash = DigestAuthenticate::password(
$entity->username,
$entity->plain_password,
'test'
);
return true;
}
}
?>
UsersController.php
<?php
namespace App\Controller;
use App\Controller\AppController;
use Cake\Controller\Controller;
use Cake\Event\Event;
class UsersController extends AppController
{
function beforeFilter(Event $event) {
parent::beforeFilter($event);
$this->Auth->allow( );
}
public function mlogin() {
debug( $this->request->getHeaders() );
$user = $this->Auth->identify();
debug( $user );
}
}