[英]Yii: User Auth not working
SO I try to login to an app in Yii, it seems to stop at their the validate or the login function of my site controller. 所以我尝试登录Yii中的一个应用程序,它似乎停止了我的站点控制器的验证或登录功能。 It never logs in it never does anything useful. 它从不登录,从不做任何有用的事情。 Nothing displays, no error, nada zip 无显示,无错误,nada zip
I was following: http://www.larryullman.com/2010/01/04/simple-authentication-with-the-yii-framework/ 我正在关注: http : //www.larryullman.com/2010/01/04/simple-authentication-with-the-yii-framework/
UserIdentity class: UserIdentity类别:
class UserIdentity extends CUserIdentity
public function authenticate()
{
$user = User::model()->findByAttributes(array('username'=>$this->username));
$saltedPW = ""; // null string for salted PW
if ($user===null) { // No user found!
$this->errorCode=self::ERROR_USERNAME_INVALID;
}
if ($user!==null){
// salt the user password string then hash
// incase $user pw is not a salted hash, rather a password string
$saltedPW = md5(Yii::app()->params["salt"] . $user->password);
//testing the password
if (($user->password !== $this->password) ||
($saltedPW !== $this->password))
{
$this->errorCode=self::ERROR_PASSWORD_INVALID;
}
else
{
$this->errorCode=self::ERROR_NONE;
}
}
return !$this->errorCode;
}
} }
login from site controller: 从站点控制器登录:
public function actionLogin()
{
$model=new LoginForm;
// if it is ajax validation request
if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')
{
echo CActiveForm::validate($model);
Yii::app()->end();
}
// collect user input data
if(isset($_POST['LoginForm']))
{
$model->attributes=$_POST['LoginForm'];
// validate user input and redirect to the previous page if valid
if($model->validate() && $model->login())
{
$this->redirect(Yii::app()->user->returnUrl);
}
else
{
$this->render('login',array('model'=>$model));
}
}
// display the login form
$this->render('login',array('model'=>$model));
}
Login form 登录表单
class LoginForm extends CFormModel
{
public $username;
public $password;
public $rememberMe;
private $_identity;
/**
* Declares the validation rules.
* The rules state that username and password are required,
* and password needs to be authenticated.
*/
public function rules()
{
return array(
// username and password are required
array('username, password', 'required'),
// rememberMe needs to be a boolean
array('rememberMe', 'boolean'),
// password needs to be authenticated
array('password', 'authenticate'),
);
}
/**
* Declares attribute labels.
*/
public function attributeLabels()
{
return array(
'rememberMe'=>'Remember me next time',
);
}
/**
* Authenticates the password.
* This is the 'authenticate' validator as declared in rules().
*/
public function authenticate($attribute,$params)
{
if(!$this->hasErrors())
{
$this->_identity=new UserIdentity($this->username,$this->password);
if(!$this->_identity->authenticate())
$this->addError('password','Incorrect username or password.');
}
}
/**
* Logs in the user using the given username and password in the model.
* @return boolean whether login is successful
*/
public function login()
{
if($this->_identity===null)
{
$this->_identity=new UserIdentity($this->username,$this->password);
$this->_identity->authenticate();
}
if($this->_identity->errorCode===UserIdentity::ERROR_NONE)
{
$duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days
Yii::app()->user->login($this->_identity,$duration);
return true;
}
else
return false;
}
}
I just replaced the UserIdentity Class with this and its working. 我只是用它及其工作替换了UserIdentity类。
protected/components/UserIdentity.php protected / components / UserIdentity.php
<?php
/**
* UserIdentity represents the data needed to identity a user.
* It contains the authentication method that checks if the provided
* data can identity the user.
*/
class UserIdentity extends CUserIdentity {
/**
* Id for current user.
* @var type
*/
private $_id;
/**
* Email address variable.
* @var type
*/
public $email;
/**
* Custom error indicators.
*/
const ERROR_EMAIL_INVALID = 3;
const ERROR_ACCOUNT_INACTIVE = 4;
/**
* Over-ride the parent constructor and uses email for auth.
* @param type $email
* @param type $password
*/
public function __construct($email, $password) {
$this->email = $email;
$this->username = $email;
$this->password = $password;
}
public function authenticate() {
// we need to filter on email only
$attrs = array('email' => $this->email);
// obtain all users matching this criterion
$record = User::model()->findByAttributes($attrs);
// if no users are obtained, we need to set custom message.
if ($record === null)
$this->errorCode = self::ERROR_EMAIL_INVALID;
// if password does not match, indicate this via message.
else if ($record->password !== crypt($this->password, $record->password))
$this->errorCode = self::ERROR_PASSWORD_INVALID;
// check if user account is enabled.
else if ($record->is_authorised == 0)
$this->errorCode = self::ERROR_ACCOUNT_INACTIVE;
else {
// all check passed, now initiate a whatevr.
$this->_id = $record->id;
$this->email = $this->username = $record->email;
// no error occurred.
$this->errorCode = self::ERROR_NONE;
}
// return the errorCode.
return $this->errorCode;
}
/**
* Returns ID.
* @return type
*/
public function getId() {
return $this->_id;
}
/**
* Returns username, part before '@' sign.
* @return type
*/
public function getName() {
$usernameParts = explode('@', $this->email);
return $usernameParts[0];
}
}
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.