我有登录表单,LoginForm.class.php:
public function configure()
{
$this->setWidgets(array(
'username' => new sfWidgetFormInput(array(), array('style' => 'width:130px;')),
'password' => new sfWidgetFormInputPassword(array(), array('style' => 'width:130px;'))
));
$this->setValidators(array(
'username' => new sfValidatorString(array('required' => TRUE), array('required' => 'Please provide your username.')),
'password' => new sfValidatorString(array('required' => TRUE), array('required' => 'Please provide your password.'))
));
$this->validatorSchema->setPostValidator(new sfValidatorCallback(array('callback' => array($this, 'checkUserdata'))));
$this->widgetSchema->setNameFormat('user[%s]');
}
public function checkUserdata($validator, $values)
{
if ($values['username'] && $values['password'])
{
$currUser = sfContext::getInstance()->getRequest()->getParameter('user');
$oUser = Doctrine_Core::getTable('user')->findOneByUsernameAndPassword($values['username'], md5($values['password']));
if($oUser)
{
if($oUser->getSuspend() == 0)
{
//Previous credentials are removed
if(sfContext::getInstance()->getUser()->isAuthenticated())
{
sfContext::getInstance()->getUser()->getAttributeHolder()->removeNamespace('ns_user');
sfContext::getInstance()->getUser()->setAuthenticated(false);
sfContext::getInstance()->getUser()->clearCredentials();
}
//This new user is authenticated
sfContext::getInstance()->getUser()->setAuthenticated(true);
//All info about the user is stored into a session variable
sfContext::getInstance()->getUser()->setAttribute('id', $oUser->getId(), 'ns_user');
sfContext::getInstance()->getUser()->setAttribute('username', $oUser->getUsername(), 'ns_user');
sfContext::getInstance()->getUser()->setAttribute('name', $oUser->getName(), 'ns_user');
sfContext::getInstance()->getUser()->setAttribute('type', $oUser->getType(), 'ns_user');
//credentials are set
sfContext::getInstance()->getUser()->addCredential('user');
}
else
{
throw new sfValidatorError($validator, 'This user is suspended. Please activate before login.');
}
}
else
{
throw new sfValidatorError($validator, 'Wrong username or password.');
}
}
return $values;
}
在loginActions中:
public function executeIndex(sfRequest $request)
{
$this->setTitle('Authentication');
$this->form = new LoginForm(); //A new form object is created
if($request->isMethod('post')) //It checks if it comes from Post
{
$this->form->bind($request->getParameter('user'));
$user = $request->getParameter('user');
if($this->form->isValid()) //If form validation is ok
{
if(($user['username'] == "admin" && $user['password'] == "admin") || $this->getUser()->getAttribute('type','','ns_user') == 'admin')
return $this->redirect('admin/index');
else
return $this->redirect('home/index');
}
}
}
public function executeLogout($request)
{
//Authentication data is removed
if($this->getUser()->isAuthenticated())
{
$this->getUser()->getAttributeHolder()->removeNamespace('ns_user');
$this->getUser()->setAuthenticated(false);
$this->getUser()->clearCredentials();
}
return $this->redirect('login/index');
}
如果登录会话已过期,我按任意按钮会显示异常 - 错误404。 会话过期后如何保持登录状态?
谢谢
答案 0 :(得分:1)
尝试转到apps/[your_application_name]/[your_module_name],您应该在其中看到操作文件夹和模板文件夹。然后在模块文件夹中添加名为config的文件夹(如果没有)(与actions文件夹和模板文件夹并行),并在config文件夹中添加名为security.yml的文件。
在security.yml文件中添加以下代码以禁用模块级别的身份验证:
all:
is_secure: false
您的apps/[your_application_name]文件夹中还有config文件夹,如果您要删除应用程序级别的身份验证,请在apps/[your_application_name]/config/security.yml
default:
is_secure: false