[英]Ion_auth - multiple users on one session
我已經將ion_auth與codeigniter一起用於系統已有3年了。 突然,這些會話無法正常工作。
當用戶A登錄該網站時,他們的會話似乎已與所有其他用戶共享。 因此,當用戶B然后導航到任何一條路線時,它們都使用用戶A的憑據“登錄”。
我已經對多個用戶進行了測試,一旦一個用戶登錄到站點,訪問該站點的所有其他用戶將自動使用該用戶的憑據/會話登錄。
如果用戶注銷並調用了auth / logout路由,則該會話不會被破壞,並且所有用戶都將保持登錄狀態。
登錄后的初始重定向進入/ vehicle / index。 導航到檢查用戶是否已登錄的任何其他頁面后,您將被重定向到登錄名。
主控制器代碼:
public function vehicle()
{
if (!$this->ion_auth->logged_in())
{
redirect('auth/login');
}
else {
if (!$this->ion_auth->is_admin()) {
/**
*
* User IS NOT admin
*
**/
// Get User_id if standard user
$user = $this->ion_auth->user()->row();
// Build Crud
控制器auth.php
public function logout()
{
$this->data['title'] = "Logout";
// log the user out
$logout = $this->ion_auth->logout();
// redirect them to the login page
$this->session->set_flashdata('message', $this->ion_auth->messages());
redirect('auth/login', 'refresh');
}
服務器PHP版本5.6.30-建立日期2017年2月3日07:51:58
Codeigniter版本2.2.1-版本未更改
Ion_Auth配置:
$config['hash_method'] = 'bcrypt'; // sha1 or bcrypt, bcrypt is
STRONGLY recommended
$config['default_rounds'] = 8; // This does not apply if random_rounds is set to true
$config['random_rounds'] = FALSE;
$config['min_rounds'] = 5;
$config['max_rounds'] = 9;
$config['salt_prefix'] = version_compare(PHP_VERSION, '5.3.7', '<') ? '$2a$' : '$2y$';
/*
| -------------------------------------------------------------------------
| Authentication options.
| -------------------------------------------------------------------------
| maximum_login_attempts: This maximum is not enforced by the library, but is
| used by $this->ion_auth->is_max_login_attempts_exceeded().
| The controller should check this function and act
| appropriately. If this variable set to 0, there is no maximum.
*/
$config['site_title'] = "Cars in the park"; // Site Title, example.com
$config['admin_email'] = "nice@verynice.co.za"; // Admin Email, admin@example.com
$config['default_group'] = 'members'; // Default group, use name
$config['admin_group'] = 'admin'; // Default administrators group, use name
$config['identity'] = 'email'; // A database column which is used to login with
$config['min_password_length'] = 8; // Minimum Required Length of Password
$config['max_password_length'] = 20; // Maximum Allowed Length of Password
$config['email_activation'] = TRUE; // Email Activation for registration
$config['manual_activation'] = TRUE; // Manual Activation for registration
$config['remember_users'] = FALSE; // Allow users to be remembered and enable auto-login
$config['user_expire'] = 30; // How long to remember the user (seconds). Set to zero for no expiration
$config['user_extend_on_login'] = FALSE; // Extend the users cookies every time they auto-login
$config['track_login_attempts'] = TRUE; // Track the number of failed login attempts for each user or ip.
$config['track_login_ip_address'] = TRUE; // Track login attempts by IP Address, if FALSE will track based on identity. (Default: TRUE)
$config['maximum_login_attempts'] = 3; // The maximum number of failed login attempts.
$config['lockout_time'] = 600; // The number of seconds to lockout an account due to exceeded attempts
$config['forgot_password_expiration'] = 0; // The number of milliseconds after which a forgot password request will expire. If set to 0, forgot password requests will not expire.
會話配置:
$config['sess_cookie_name'] = 'ci_session';
$config['sess_expiration'] = 30;
$config['sess_expire_on_close'] = TRUE;
$config['sess_encrypt_cookie'] = FALSE;
$config['sess_use_database'] = FALSE;
$config['sess_table_name'] = 'ci_sessions';
$config['sess_match_ip'] = FALSE;
$config['sess_match_useragent'] = FALSE;
$config['sess_time_to_update'] = 30;
會話變量(用於登錄用戶。所有其他用戶在會話中具有相同的信息):
stdClass Object ( [id] => 1148 [ip_address] => [username] => testing [password] => $2y$08$Q4fjUfsuOKM/Q8cnQt6j0uSXP.3mCqMnzDY1nBA9RDlwm [salt] => sadsda [email] => email@email.com [activation_code] => [forgotten_password_code] => [forgotten_password_time] => [remember_code] => [created_on] => 1426181328 [last_login] => 1490008619 [active] => 1 [first_name] => Name [last_name] => Testing [company] => [phone] => [user_id] => 1148 )
$config['sess_driver'] = 'database';
$config['sess_save_path'] = 'ci_sessions';
ci_sessions
: 對於MySQL:
DROP TABLE IF EXISTS `ci_sessions`;
CREATE TABLE IF NOT EXISTS `ci_sessions` (
`id` varchar(128) NOT NULL,
`ip_address` varchar(45) NOT NULL,
`timestamp` int(10) unsigned DEFAULT 0 NOT NULL,
`data` blob NOT NULL,
KEY `ci_sessions_timestamp` (`timestamp`)
);
對於PostgreSQL:
CREATE TABLE "ci_sessions" (
"id" varchar(128) NOT NULL,
"ip_address" varchar(45) NOT NULL,
"timestamp" bigint DEFAULT 0 NOT NULL,
"data" text DEFAULT '' NOT NULL
);
CREATE INDEX "ci_sessions_timestamp" ON "ci_sessions" ("timestamp");
“數據庫”驅動程序使用關系數據庫(例如MySQL或PostgreSQL)來存儲會話。 這是許多用戶中的一個流行選擇,因為它使開發人員可以輕松訪問應用程序中的會話數據-它只是數據庫中的另一個表。
但是,必須滿足一些條件:
$this->db
訪問的數據庫連接 )。 資料來源: Codeigniter會議
這是服務器問題(共享主機)。 我將整個應用程序移到了新主機(vps主機)上,一切都像以前一樣工作。
如Rafiq和其他評論者建議的那樣,更改為數據庫會話確實對測試有所幫助。
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.