在CakePHP 2.0之前,你可以允许用户通过停止autoRedirect,然后在你的数据库的用户名数据的电子邮件列比较使用他们的电子邮件地址登录(显然蛋糕然后可以回退到用户名检查,如果不是电子邮件)。登录在CakePHP的2.0版的电子邮件地址或用户名
在CakePHP 2.0这种情况已经改变,你登录使用$this->Auth->login()
我的问题是我怎么得到这个工作2.0手动?我有一些非常复杂的代码,可以处理各种各样的事情,例如处理ajax和回发请求,如果用户尝试登录太多次时锁定账户等,所以它非常长!
正如您将看到的那样,我将检查帐户是否实际存在,以便在通过身份验证过程前可以显示未找到的帐户消息(如果出现此情况,还可以使用此功能锁定该用户的帐户)尝试。
这里的主要问题是允许系统检查用户名和电子邮件地址以进行身份验证,如果您使用电子邮件地址进行验证,系统就会锁定用户,但它会始终因为身份验证无法处理它而失败。
希望有人能帮助,提供意见建议。由于
if ($this->request->is('post'))
{
$opts = array(
'conditions'=>array(
'OR'=>array(
'User.username'=>$this->data['User']['username'],
'User.email'=>$this->data['User']['username']
)
)
);
$user = $this->User->find('first', $opts);
if(!empty($user))
{
if($user['User']['status'] == 0)
{
if($this->request->is('ajax'))
{
$this->autoRender = false;
echo json_encode(array('authenticated'=>false,'error'=>__('Sorry your account is currently locked. Please reset your password.?')));
}
else
{
$this->Session->setFlash(__('Sorry your account is currently locked. Please reset your password.'), 'default', array(), 'auth');
}
}
else
{
if ($this->Auth->login())
{
if ($this->request->is('ajax'))
{
$this->autoRender = false;
if(isset($this->params['url']['continue']))
{
$pathtoredirect = $this->UrlEncode->base64url_decode($this->params['url']['continue']);
echo json_encode(array('authenticated'=>true,'redirect'=>$pathtoredirect,'base'=>false));
}
else
{
$pathtoredirect = $this->Auth->redirect();
echo json_encode(array('authenticated'=>true,'redirect'=>$pathtoredirect,'base'=>true));
}
}
else
{
if(isset($this->params['url']['continue']))
{
$pathtoredirect = $this->UrlEncode->base64url_decode($this->params['url']['continue']);
}
else
{
$pathtoredirect = $this->Auth->redirect();
}
return $this->redirect($pathtoredirect);
}
}
else
{
if($this->Session->read('attempts'))
{
$attempts = $this->Session->read('attempts') + 1;
}
else
{
$attempts = 1;
}
$this->Session->write('attempts', $attempts);
if($attempts >= 5)
{
$this->User->id = $user['User']['id'];
$this->User->saveField('status', 0);
if ($this->request->is('ajax'))
{
$this->autoRender = false;
echo json_encode(array('authenticated'=>false,'error'=>__('Username or password is incorrect. For security reasons this account has now been locked and you must reset your password to unlock it.')));
}
else
{
$this->Session->setFlash(__('Username or password is incorrect. For security reasons this account has now been locked and you must reset your password to unlock it.'), 'default', array(), 'auth');
}
}
else
{
if ($this->request->is('ajax'))
{
$this->autoRender = false;
echo json_encode(array('authenticated'=>false,'error'=>__('Username or password is incorrect')));
}
else
{
$this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
}
}
}
}
}
else
{
if ($this->request->is('ajax'))
{
$this->autoRender = false;
echo json_encode(array('authenticated'=>false,'error'=>__('Sorry that account does not exist.')));
}
else
{
$this->Session->setFlash(__('Sorry that account does not exist.'), 'default', array(), 'auth');
}
}
}
不是查询数据库或者用户名= userInput或电子邮件= userInput为什么不使用正则表达式来确定他们是否已经输入的字符串是一个有效的电子邮件地址,检查电子邮件,如果是的话,用户名,如果它没有。 – CBusBus 2012-01-16 00:14:09
是的,但我如何使用2.0中的'$ this-> Auth-> login()'来做到这一点? – Cameron 2012-01-16 00:20:07
所以 - 长短期问题,你希望用户能够用单场登录,但你要检查它对阵双方的用户名域,并使用Cake的验证组件在电子邮件领域 - 对吗? – Dave 2012-01-16 03:55:05