我想重定向http://localhost/amrajegeachi14/admins/deshboard成功登录后http://localhost/amrajegeachi14/admins/login如果登录失败。我在adminsController:中的代码
class AdminsController extends AppController {
var $layout = 'admin';
public function beforeFilter() {
parent::beforeFilter();
// $this->Auth->allow('login');
}
function isAuthorized($user) {
if (isset($user['Admin'])) {
if ($user['Admin']['status'] == 'active') {
return TRUE;
}
}
return FALSE;
}
function login() {
$this->loadModel('Admin');
$this->layout = "admin-login";
// if already logged in check this step
if ($this->Session->check('Auth.User')) {
return $this->redirect(
array('controller' => 'admins', 'action' => 'deshboard'));
}
// after submit login form check this step
if ($this->request->is('post')) {
$password = Security::hash($this->request->data['Admin']['password'], NULL, true);
$admin = $this->Admin->find('first', array(
'conditions' => array('email' => $this->request->data['Admin']['email'], 'password' => $password)
));
if ($this->isAuthorized($admin)) {
$this->Auth->login($this->request->data['Admin']);
return $this->redirect('/admins/deshboard');
} else {
$this->Session->setFlash('Invalid username/password combination OR you are blocked, try again');
return $this->redirect('/admins/login');
;
}
}
}
public function logout() {
// $user = $this->Auth->user();
// $this->Session->destroy();
$this->Session->setFlash('you have successfully logged out');
$this->Auth->logout();
return $this->redirect(array('controller' => 'admins', 'action' => 'login'));
}
function deshboard() {
}
}
AppController.php 内部代码
class AppController extends Controller {
public $components = array(
'Session',
'Auth' => array(
'authenticate' => array(
'Form' => array(
'fields' => array(
'username' => 'email', //Default is 'username' in the userModel
'password' => 'password' //Default is 'password' in the userModel
),
'userModel' => 'Agent'
)
),
'loginAction' => array(
'controller' => 'admins',
'action' => 'login'
),
'loginRedirect' => array('controller' => 'admins', 'action' => 'deshboard'),
'logoutRedirect' => array('controller' => 'admins', 'action' => 'login'),
'authError' => "You can't acces that page",
'authorize' => 'Controller'
)
);
public function beforeFilter() {
//parent::beforeFilter();
$this->Auth->allow('index');
}
}
当我尝试登录时,它会重定向到http://localhost/amrajegeachi14/admins/login如果登录失败。很好。但当我提供有效的电子邮件和密码并成功登录时,它会重定向到http://localhost/amrajegeachi14/amrajegeachi14/admins/deshboard。应该是http://localhost/amrajegeachi14/admins/deshboard
当我更改isAuthorized()函数如下时,我感到很惊讶:
function isAuthorized($user) {
if (isset($user['Admin'])) {
if ($user['Admin']['status'] == 'active') {
return TRUE;
}
}
return true;
}
它重定向http://localhost/amrajegeachi14/admins/deshboard成功登录。但在这种情况下,如果用户名和密码不正确,登录就可以了。
这个问题扼杀了我的睡眠,让我发疯,我非常失望。我在谷歌上搜索了两天,但没有合适的解决方案。请帮帮我。
问题是,您的用户从未登录,因为您没有按照CakePHP的方式对用户进行身份验证。这是你的代码和评论:
// This should not be here... This should either be in a authentication
// component, or maybe not present at all if you use default authentication.
$password = Security::hash($this->request->data['Admin']['password'], NULL, true);
$admin = $this->Admin->find('first', array(
'conditions' => array(
'email' => $this->request->data['Admin']['email'],
'password' => $password
)
));
// This should not be called manually.
if ($this->isAuthorized($admin)) {
// Your problem is probably here, since you never check the return
// value of the login function.
$this->Auth->login($this->request->data['Admin']);
// You should use $this->Auth->redirectUrl()
return $this->redirect('/admins/deshboard');
} else {
$this->Session->setFlash('Invalid username/password combination OR you are blocked, try again');
return $this->redirect('/admins/login');
}
我确信$this->Auth->login ()调用总是返回false。登录方法将尝试使用您指定的身份验证组件(或默认组件)对用户进行身份验证。
你的密码可能在你的数据库中进行了散列,但你没有告诉组件如何散列,所以它无法验证你的用户。。。