如何授权尝试登录的用户
[英]How to authorize user that tries to login
问题描述
I am using Auth for the first time and everytime I try to login, using the correct credentials, the login fails and I get the action login failure error message. 
我是第一次使用Auth,每次尝试使用正确的凭据登录时,登录都会失败,并且会收到操作登录失败错误消息。 How can I "mark" the user as an allowed user, to have access to the pages with prefix admin ? 如何将用户“标记”为允许用户访问具有前缀admin的页面?
I am using CakePhp 2.4.4 我正在使用CakePhp 2.4.4
AppController AppController的
class AppController extends Controller {
public $components = array('DebugKit.Toolbar',
'Session','Auth' => array(
'loginAction' => array('controller' => 'users', 'action' => 'login', 'admin' => false),
'logoutAction' => array('controller' => 'users', 'action' => 'logout', 'admin' => false),
'loginRedirect'=> '/admin',
'logoutRedirect' => array('controller' => 'users', 'action' => 'login', 'admin' => false),
'authError' => 'Não tem permissão para aceder a esta área. Por favor faça login.',
'authenticate' => array(
'Form' => array(
'fields' => array('username' => 'username', 'password' => 'password'
),
'userModel' => 'User'
)
)//,
//'authorize' =>array('Controller'),
//'passwordHasher' => array(
// 'className' => 'Simple',
// 'hashType' => 'sha1'
//)
)
/*,'Auth' => array(
'loginRedirect' => array('controller' => 'admins', 'action' => 'admin_index'),
'logoutRedirect' => array('controller' => 'home', 'action' => 'index'),
'authorize' => array('Controller')
)*/
);
public function beforeFilter(){
if($this->isPrefix('admin')){
if($this->isAuthorized('admin')){
if($this->Session->check('Auth.User.group_id')){
if($this->Session->read('Auth.User.group_id')==1){
//authorizes user to access pages with admin prefix
}else{
$this->Session->setFlash(__('Você não tem permissão para acessar essa URL'));
$this->Redirect('/login');
}
}else{
$this->Session->setFlash(__('Você não tem permissão para acessar essa URL'));
$this->Redirect('/login');
}
}else{
$this->Session->setFlash(__('Você não tem permissão para acessar essa URL'));
$this->Redirect('/login');
}
//$this->layout='admin';
}else{
$this->Auth->allow('index','ShowImages','ShowShowbill','ShowVideos','ShowContactUs','contact','login','DisplayMusic','DisplayEntertainment','DisplayPromotion','DisplayStaff','DisplayEquipments');
}
/*if($this->isPrefix('admin')){
if($this->Auth->loggedIn()){
if($this->Session->check('Auth.User.group_id')){
if($this->Session->read('Auth.User.group_id')==1){
}else{
$this->Session->setFlash(__('Você não tem permissão para acessar essa URL'));
$this->Redirect('/');
}
}
}
$this->layout='admin';
}else{
$this->Auth->allow('index','ShowImages','ShowShowbill','ShowVideos','ShowContactUs','contact','login','DisplayMusic','DisplayEntertainment','DisplayPromotion','DisplayStaff','DisplayEquipments');
}*/
//$this->Auth->allow('index','ShowImages','ShowShowbill','ShowVideos','ShowContactUs','login','ShowContactUs','timthumb');
//$this->Auth->allow('image');
}
public function isPrefix($prefix) {
return isset($this->request->params['prefix']) && $this->request->params['prefix'] == $prefix;
}
public function isAuthorized($user){
if(isset($user['role'])&&$user['role']==='admin'){
return true;
}
return false;
}
public $helpers = array('Html' ,
'Form' ,
'Timthumb.Timthumb',
'Paginator',
'Session',
'Js',
'Fancybox.Fancybox',
'Paginator',
);
} }
UsersController UsersController
public function login(){
if($this->request->is('post')){
//$user = array('User' => array('username'=> $this->request->data['User']['username'],'password'=> $this->request->data['User']['password']));
//debug(AuthComponent::user($this->data[$this->alias]['username']));
//debug(AuthComponent::password($this->data[$this->alias]['password']));
if($this->Auth->login()){
return $this->redirect($this->Auth->redirectUrl());
}
else{
$this->Session->setFlash(
__('O nome de utilizador ou a password estão incorrectos.'),
'default',array(),
'auth'
);
}
}
}
View 视图
<style>
#authMessage{
padding: 15px;
margin-bottom: 20px;
border: 1px solid transparent;
border-radius: 4px;
color: #b94a48;
background-color: #f2dede;
border-color: #eed3d7;
}
#flashMessage{
padding: 15px;
margin-bottom: 20px;
border: 1px solid transparent;
border-radius: 4px;
color: #b94a48;
background-color: #f2dede;
border-color: #eed3d7;
}
</style>
<h2>Login</h2>
<?php echo $this->Session->flash('auth'); ?>
<?php echo $this->Session->flash();?>
<div class="users form">
<?php echo $this->Form->create('User');?>
<fieldset>
<legend><?php echo "<div class=\"alert alert-info\">Por favor insira um nome de Administrador e a password.</div>"; ?></legend>
<?php
echo $this->Form->input('username');
echo $this->Form->input('password');
?>
</fieldset>
<?php
echo $this->Form->submit(__('Login'), array('class' => 'btn btn-success','formnovalidate' => true)) ;
echo $this->Form->end();
?>
</div>
1 个解决方案
解决方案1
0 2014-05-05 18:36:51
Correct and working code has be: 正确且有效的代码为:
public function login() {
if ($this->request->is('post')) {
if ($this->Auth->login()) {
return $this->redirect($this->Auth->redirect());
} else {
$this->Session->setFlash(__('Username or password is incorrect'),'flash_error', array(), 'auth');
}
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.
相关问题
如果用户试图绕过 PHP 中的登录过程,如何传递错误消息? - How to pass an error message if a user tries to bypass the login process in PHP?
如果用户直接尝试注销路由,我如何重定向到登录 - How can i redirect to login if user tries logout route directly
laravel形式的登录用户尝试注册时 - when login user in laravel form tries to register
Twitter oAuth登录。 如何首次获取getAuthorizeURL(authorize),以及在用户授予权限后如何获取(身份验证) - Twitter oAuth login. How to get getAuthorizeURL(authorize) for first time and (authenticate) once user has granted permissions
尝试过多后如何延迟登录尝试(PHP) - How to delay login attempts after too many tries (PHP)
如何在没有密码的情况下在MediaWiki 1.19中授权用户? - How to authorize user in MediaWiki 1.19 without password?
如何在有限的时间内对匿名用户进行身份验证/授权? - How to authenticate/authorize anonymous user for a limited time?
当用户未登录或用户尝试使用angularjs直接从URL访问页面时,重定向到登录 - Redirect to login when user is not logged in or user tries to access page directly from URL using angularjs
当他尝试提交或投票时,检查php中的用户登录状态? - Check for user login status in php when he tries to submit or vote something?
注销脚本,如果用户尝试使用来自其他位置的相同用户名登录,则从一个系统/位置启动用户 - logout script to kickoff the user from one system/location if he tries to login with the same username from other location
相关标签