我在stackoverflow上搜索了很多帖子以获得答案,而且我只是忽略了一些东西,但我似乎无法获得$this-> Auth-> login()来工作.我从其他帖子中尝试过很多不同的建议.在描述我尝试过的其他方法时,我会尽量做到尽可能彻底.
我确实添加了一个用户工作. MD5哈希工作正常.我打了一个密码然后用奇迹沙拉md5 http://www.miraclesalad.com/webtools/md5.php检查了它
我不使用盐来进行散列.我没有盐就使用MD5.
我正在使用的数据库是Postgresql 9.0.我知道一些CakePHP魔法对所有数据库都不起作用(或者我被告知).
应用程序/配置/ core.PHP中
Configure::write('Security.level','medium'); /** * A random string used in security hashing methods. */ Configure::write('Security.salt','');
我使用Auth->字段将密码映射到user_password,将用户名映射到DB中的user_name. user_password和user_name是core_users表中的列.我也在beforeFilter()方法中.
$this->Auth->fields = array('username' => 'user_name','password' => 'user_password');
应用程序/控制器/ AppController.PHP
class AppController extends Controller {
public $components = array(
'Session','Auth' => array(
'loginRedirect' => array('controller' => 'pages','action' => 'index'),'logoutRedirect' => array('controller' => 'pages','action' => 'display','home'),'loginAction' => array('admin' => false,'controller' => 'CoreUsers','action' => 'login'),/*'fields' => array('password' => 'user_password','username' => 'user_name'),*/
'usermodel' => 'CoreUser'
)
);
public function beforeFilter() {
Security::setHash('md5');
$this->Auth->allow('login');
//debug($this->Auth);
}
}
我离开了调试,因此您可以看到它们的处理顺序,我将向您展示它们的打印方式.
应用程序/控制器/ CoreUsersController.PHP
public function login() {
Security::setHash('md5');
//debug($this->Auth);
if ($this->request->is('post')) {
debug(Security::hash($this->Auth->request->data['CoreUser']['user_password']));
debug($this->Auth);
debug(Configure::version());
debug($this->Auth->request->data['CoreUser']['user_password']);
debug($this->Auth->request->data['CoreUser']['user_name']);
if ($this->Auth->login()) {
debug($this->Auth->request->data['CoreUser']['user_password']);
$this->redirect($this->Auth->redirect());
} else {
debug($this->Auth->request->data['CoreUser']['user_password']);
$this->Session->setFlash(__('Invalid username or password,try again'));
}
}
}
public function logout() {
$this->redirect($this->Auth->logout());
}
应用程序/型号/ CoreUser.PHP
App::uses('AuthComponent','Controller/Component');
class CoreUser extends AppModel{
public $primaryKey = 'user_id';
public $sequence = 'core_user_id_seq';
public $name = 'CoreUser';
public $validate = array(
'user_name' => array(
'required' => array(
'rule' => array('notEmpty'),'message' => 'User name is required'
)
),'user_password' => array(
'required' => array(
'rule' => array('notEmpty'),'message' => 'Password is required'
)
),'privilege_id' => array(
'required' => array(
'rule' => array('notEmpty'),'message' => 'Privilege ID is required'
),'legalValues' => array(
'rule' => array('between',1,4),'message' => 'Privilege must be between 1 and 4'
)
),'user_initial' => array(
'required' => array(
'rule' => array('notEmpty'),'message' => 'User initials is required'
)
),'email' => array(
'rule' => array('email',true),'message' => 'Email must have an \'@\' symbol and a domain e.g. .com'
)
);
public function beforeSave() {
Security::setHash('md5');
if (isset($this->data[$this->alias]['user_password'])) {
$this->data[$this->alias]['user_password'] = AuthComponent::password($this->data[$this->alias]['user_password']);
}
return true;
}
}
应用程序/查看/ CoreUsers / login.ctp
<h3>Login</h3> <div class="users form"> <?PHP echo $this->Session->flash('auth'); ?> <?PHP echo $this->Form->create('CoreUser');?> <fieldset> <legend><?PHP echo __('Please enter your username and password'); ?></legend> <?PHP echo $this->Form->input('user_name'); echo $this->Form->input('user_password'); ?> </fieldset> <?PHP echo $this->Form->end(__('Login'));?> </div>
调试输出
所有这些都来自CoreUsersController并按顺序处理它们.
'098f6bcd4621d373cade4e832627b4f6'
Auth对象
object(AuthComponent) {
components => array(
(int) 0 => 'Session',(int) 1 => 'RequestHandler'
)
authenticate => array(
(int) 0 => 'Form'
)
authorize => false
ajaxLogin => null
flash => array(
'element' => 'default','key' => 'auth','params' => array()
)
loginAction => array(
'admin' => false,'action' => 'login'
)
loginRedirect => array(
'controller' => 'pages','action' => 'index'
)
logoutRedirect => array(
'controller' => 'pages',(int) 0 => 'home'
)
authError => 'You are not authorized to access that location.'
allowedActions => array(
(int) 0 => 'login'
)
request => object(CakeRequest) {
params => array(
'plugin' => null,'action' => 'login','named' => array(),'pass' => array()
)
data => array(
'CoreUser' => array(
'user_name' => 'testy5','user_password' => 'test'
)
)
query => array()
url => 'CoreUsers/login'
base => '/cpm_v2_dev'
webroot => '/cpm_v2_dev/'
here => '/cpm_v2_dev/CoreUsers/login'
}
response => object(CakeResponse) {
}
settings => array(
'loginRedirect' => array(
'controller' => 'pages','action' => 'index'
),'logoutRedirect' => array(
'controller' => 'pages',(int) 0 => 'home'
),'loginAction' => array(
'admin' => false,'action' => 'login'
),'usermodel' => 'CoreUser'
)
usermodel => 'CoreUser'
}
CakePHP的版本
'2.1.0'
调用login()之前的密码
'test'
'testy5'
调用login()后的密码
'test'
这是我在其他stackoverflow帖子中读过的快速列表,我已经尝试过了.如果您需要我详细说明,请告诉我.
1)我将用户名和密码映射到DB中的字段.这是对字段的评论.我也试过在beforeFilter()方法中做到这一点.使用:
$this->Auth->fields = array('username' => 'user_name','password' => 'user_password');
在登录视图中,表单是这样创建的:
$this->Form->input('username');
$this->Form->input('password');
2)我尝试在登录前手动散列密码,如下所示:
$this->Auth->request->data['CoreUser']['password'] = Security::hash($this->Auth->request->data['CoreUser']['password']) if ($this->Auth->login()) { $this->redirect($this->Auth->redirect()); }
EDIT0
3)我刚尝试按照CakePHP 2.0 Auth Login not working的建议这样做
我的AuthComponent现在看起来像这样:
public $components = array(
'Session','Auth' => array(
'authenticate' => array(
'Form' => array(
'usermodel' => 'CoreUser','fields' => array(
'username' => 'user_name','password' => 'user_password'
)
)
),'loginRedirect' => array('controller' => 'pages','action' => 'login')
)
);
解决方法
我最终做的是解决这个问题,正如CakePHP所做的那样完全遵循教程.我也升级到了2.1.2.我正在运行2.1.0.
http://book.cakephp.org/2.0/en/tutorials-and-examples/blog-auth-example/auth.html
然后我慢慢添加了我需要的配置.有关我引用的Auth组件的信息:
http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html
真的是我的问题是糟糕的故障排除.我会做一堆改变而不是一次改变.我有两种不同的登录方式
$this->Form->input('username');
$this->Form->input('password');
现在它看起来像这样:
echo $this->Form->input('user_name');
echo $this->Form->Label('Password');
echo $this->Form->password('user_password');
第二个版本有效.
EDIT0:
这是非常重要的.如果没有调用AppController父级,登录将无法正常工作.
class CoreUsersController extends AppController{
public $helpers = array('Html','Form');
public function beforeFilter() {
parent::beforeFilter();
}
Auth组件的修订版有效:
public $components = array(
'Session','action' => 'login')
)
);
我的盐仍然是一个空字符串:
Configure::write('Security.salt','');
只在一个地方需要设置md5哈希.在模型中的beforeSave()中不需要它:
public function beforeFilter() {
Security::setHash('md5');
$this->Auth->allow('login','add');
}
beforeSave():
public function beforeSave() {
if (isset($this->data[$this->alias]['user_password'])) {
$this->data[$this->alias]['user_password'] = AuthComponent::password($this->data[$this->alias]['user_password']);
}
return true;
}
