CakePHP 2.1-作为具有身份验证的Web应用程序和REST服务
[英]CakePHP 2.1 - As a web application and REST service with Authentication
问题描述
I'm currently developing a CakePHP application which currently has form authentication. 
我目前正在开发目前具有表单身份验证的CakePHP应用程序。 I would also like to open up this application for other applications to connect to via REST. 我还想打开此应用程序,以供其他应用程序通过REST连接。
I know that CakePHP would be able to do this using the 我知道CakePHP可以使用
Router::mapResources()
and 和
Router::parseExtensions()
However, I'm unsure how to get this working with say Basic or Digest HTTP authentication. 但是,我不确定如何使用基本或摘要HTTP身份验证来实现此功能。
I've got the following in the AppController.php 我在AppController.php中有以下内容
public $components = array(
'Session',
'Auth' => array(
'authenticate' => array(
'Form'
),
'loginAction' => array(
'admin' => false,
'controller' => 'users',
'action' => 'login'
),
'loginRedirect' => array(
'controller' => 'users',
'action' => 'home'
)
)
);
If for the authenticate field, I had in 'Basic' for example - when logging into the web based version, I get an HTTP auth box and not the web based form. 例如,如果对于身份验证字段,我输入的是“基本”,则在登录基于Web的版本时,我会收到一个HTTP身份验证框,而不是基于Web的表单。
What is the best way of doing this? 最好的方法是什么? The only way I can think of at the moment is to create a separate ApiController and manually do authentication? 我目前唯一想到的方法是创建一个单独的ApiController并手动执行身份验证?
Any advise would be awesome. 任何建议都会很棒。
Update: 更新:
This is my revised code which is giving me the correct behavour - I'm pretty sure that there should be a better way to do this. 这是我修改后的代码,它使我有正确的行为-我很确定应该有更好的方法来做到这一点。
class AppController extends Controller {
public $components = array(
'Session',
'RequestHandler',
'Auth' => array(
'loginAction' => array(
'admin' => false,
'controller' => 'users',
'action' => 'login'
),
'loginRedirect' => array(
'controller' => 'users',
'action' => 'home'
)
)
);
public $helpers = array('Html', 'Form', 'Session');
public function beforeFilter() {
$header = $_SERVER['HTTP_AUTHORIZATION'];
if($header) {
$this->Auth->authenticate = array('Basic');
}
}
}
2 个解决方案
解决方案1
1 已采纳 2012-06-25 12:26:54
public function beforeFilter() {
// Change the authentication if using REST
if($this->params['ext'] == 'json') {
$this->Auth->authenticate = array('Basic');
}
}
This checks for a JSON extension, if the request contains it - then switch to Basic authentication. 如果请求包含扩展名,它将检查JSON扩展名-然后切换到基本身份验证。
解决方案2
0 2012-06-21 09:18:25
Check the Authentication chapter in the CakePHP book. 检查CakePHP书中的Authentication一章。
CakePHP supports Form, Basic, and Digest and you can create your own authentication objects and use them. CakePHP支持Form,Basic和Digest,您可以创建自己的身份验证对象并使用它们。
You can load multiple authentication objects and Cake will log the user in when the first of them returns true to the auth handler. 您可以加载多个身份验证对象,并且当第一个对象对身份验证处理程序返回true时,Cake会将用户登录。 You only have the Form auth object loaded, no idea why you get the http auth box. 您只加载了表单身份验证对象,不知道为什么会收到http身份验证框。 It is unlikely that Cake is the issue. Cake不太可能成为问题。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.