Yii2-用户身份安全吗?
[英]Yii2 - User Identity Secure?
问题描述
Is there any way a user can force switch his Yii::$app->user->identity without logging into another account? 
用户有什么方法可以在不登录另一个帐户的情况下强制切换其Yii::$app->user->identity ?
During development I was logged in as user id #1. 在开发期间,我以用户ID#1登录。 I made some design changes to the view then hit refresh then I was suddenly logged in as user id #3 (which I don't have the access details for) 我对视图进行了一些设计更改,然后单击刷新,然后突然以用户ID#3登录(我没有访问详细信息)
I relogged and tried replicating the issue but it never happened again 我重新记录并尝试复制该问题,但此事再也没有发生
2 个解决方案
解决方案1
1 2015-05-13 18:38:06
Yii \\ web \\ User setIdentity中有一个方法
解决方案2
0 2016-07-07 16:54:52
Maybe you opened another session in other tab or window. 也许您在其他标签或窗口中打开了另一个会话。 Probably that was the issue. 可能就是这个问题。 It never happened to me. 这从来没有发生在我身上。 If you want to force it you can use: 如果要强制使用,可以使用:
http://www.yiiframework.com/doc-2.0/yii-web-user.html#switchIdentity()-detail http://www.yiiframework.com/doc-2.0/yii-web-user.html#switchIdentity()-detail
I have never use it personally, but it is available. 我从未亲自使用过它,但是可以使用。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.