我已经成功地使用了Auth,但不幸的是,它似乎只能用于Session。我希望如果用户选中“记住我”复选框,我会使用Cookie,他将登录2周。我无法在官方书籍中找到任何内容,并且在Google中我找到了很少的博客文章。有没有什么办法可以在不重写核心的情况下实现呢?CakePHP用Auth记住我
回答
记住我不是别的,只是用cookie标识的会话,但Cookie生存期设置为无穷大。查看Config/core.php了解会话cookie的生命周期。
饼干寿命是不够的。您还必须在服务器上使会话持续很长时间。 – nIcO
看到这个网址我认为这对你非常有帮助。
http://lecterror.com/articles/view/cakephp-and-the-infamous-remember-me-cookie
或者试试这个
function login() {
if ($this->Auth->user()) {
if (!empty($this->data) && $this->data['User']['remember_me']) {
$cookie = array();
$cookie['username'] = $this->data['User']['username'];
$cookie['password'] = $this->data['User']['password'];
$this->Cookie->write('Auth.User', $cookie, true, COOKIE_EXPIRE);
unset($this->data['User']['remember_me']);
}
$this->LogDetail->Write('activity','has logged IN');
$this->redirect($this->Auth->redirect());
}
if (empty($this->data)) {
$cookie = $this->Cookie->read('Auth.User');
if (!is_null($cookie)) {
if ($this->Auth->login($cookie)) {
$this->Session->destroy('Message.Auth'); # clear auth message, just in case we use it.
$this->LogDetail->Write('activity','has been authenticated via cookie and is now logged IN');
$this->redirect($this->Auth->redirect());
} else {
$this->LogDetail->Write('activity','attempted to gain access with an invalid cookie');
$this->Cookie->destroy('Auth.User'); # delete invalid cookie
$this->Session->setFlash('Invalid cookie');
$this->redirect('login');
}
}
}
}
因为知道我的密码,即使是加密的,在一个cookie中的某个地方浮动,我也会觉得很不舒服。我认为在这种情况下,存储用户名就足够了。 – nIcO
在用户控制器:
public function beforeFilter() {
$this->Auth->allow(array('login', 'register'));
parent::beforeFilter();
}
public function login() {
if ($this->request->is('post')) {
if ($this->Auth->login()) {
// did they select the remember me checkbox?
if ($this->request->data['User']['remember_me'] == 1) {
// remove "remember me checkbox"
unset($this->request->data['User']['remember_me']);
// hash the user's password
$this->request->data['User']['password'] = $this->Auth->password($this->request->data['User']['password']);
// write the cookie
$this->Cookie->write('remember_me_cookie', $this->request->data['User'], true, '2 weeks');
}
return $this->redirect($this->Auth->redirect());
} else {
$this->Session->setFlash(__('Username or password is incorrect.'));
}
}
$this->set(array(
'title_for_layout' => 'Login'
));
}
public function logout() {
// clear the cookie (if it exists) when logging out
$this->Cookie->delete('remember_me_cookie');
return $this->redirect($this->Auth->logout());
}
在登录视图:
<h1>Login</h1>
<?php echo $this->Form->create('User'); ?>
<?php echo $this->Form->input('username'); ?>
<?php echo $this->Form->input('password'); ?>
<?php echo $this->Form->checkbox('remember_me'); ?> Remember Me
<?php echo $this->Form->end('Login'); ?>
在你的AppController:
public $components = array(
'Session',
'Auth',
'Cookie'
);
public $uses = array('User');
public function beforeFilter() {
// set cookie options
$this->Cookie->key = 'qSI232qs*&[email protected][email protected]*(XSL#$%)[email protected][email protected]#HKis~#^';
$this->Cookie->httpOnly = true;
if (!$this->Auth->loggedIn() && $this->Cookie->read('remember_me_cookie')) {
$cookie = $this->Cookie->read('remember_me_cookie');
$user = $this->User->find('first', array(
'conditions' => array(
'User.username' => $cookie['username'],
'User.password' => $cookie['password']
)
));
if ($user && !$this->Auth->login($user['User'])) {
$this->redirect('/users/logout'); // destroy session & cookie
}
}
}
我认为你需要了解CakePHP的安全级别。尝试降低你的cakePHP的安全性。 CakePHP的配置变量documentation。我很早以前就写了一篇关于它的文章blog。
这个问题已经回答了一段时间,但希望这可以帮助那些追随我的人。
我写了关于如何建立从Ceeram
更多的信息在这里 '记住我' 使用Auhenticate插件功能简单步骤:http://mirkoborivojevic.com/posts/2013/08/10/setup-remember-me-functionality-in-cakephp/
你可以试试这个
if ($this->Auth->login())
{
if (!empty($this->data['User']['remember']))
{
$cookie = array();
$cookie['login'] = $this->data['User']['login'];
$cookie['password'] = $this->data['User']['password'];
$cookie['language'] =$this->data['User']['language'];
$this->Cookie->write('Auth.projectname', $cookie, true, '+1 years');
unset($this->data['User']['remember']);
public function admin_login() {
$this->layout = 'admin_login';
if (count($this->Session->read("Auth.User"))) {
$usr = $this->Session->read("Auth.User");
if ($usr['role'] == 'A' || $usr['role'] == 'RA' || $usr['role'] == 'MAfA' || $usr['role'] == 'Af' || $usr['role'] == 'FAA')
return $this->redirect(array('controller' => 'dashboard', 'action' => 'view'));
}
if ($this->request->is('post')) {
if ($this->request->data['User']['remember_me']=="1") {
// pr($this->request->data);
// die('sdd');
$this->Cookie->write('username', $this->request->data['User']['username'], true, '1 year');
$this->Cookie->write('password', $this->request->data['User']['password'], true, '1 year');
} else {
$this->Cookie->destroy();
}
/*
* Check if email or username is passed in form
*/
$uname = $this->request->data['User']['username'];
//login via email
if (filter_var($uname, FILTER_VALIDATE_EMAIL)) {
$u = $this->User->findByemail($uname);
} else { //login via username
$u = $this->User->findByusername($uname);
}
if ($u) {
$this->request->data['User']['username'] = $u['User']['username'];
/* * *
* Error if user is not active
*/
if ($u['User']['user_status'] != 'active') {
$this->Session->setFlash(__('Sorry! Your account is not active.'), 'default', array('class' => 'alert alert-danger'));
} elseif ($this->Auth->login()) { //if logged in
$user_caps = $this->fetchCapabilitiesByRole($u['User']['role']);
$this->Session->write("Auth.User.privileges", array('capabilities' => $user_caps['capabilities'], 'geo_areas' => array()));
if ($u['User']['role'] == 'A' || $u['User']['role'] == 'RA' || $u['User']['role'] == 'Af' || $u['User']['role'] == 'MAfA' || $u['User']['role'] == 'FAA')
return $this->redirect(array('controller' => 'dashboard', 'action' => 'view'));
return $this->redirect($this->Auth->redirect());
}else { //if invalid
$this->Session->setFlash(__('Invalid username or password.'), 'default', array('class' => 'alert alert-danger'));
}
} else {//if user does not exists
$this->Session->setFlash(__('User does not exists.'), 'default', array('class' => 'alert alert-danger'));
}
}
}
- 1. CakePhp记住我的选项
- 2. cakephp 2记住我自动登录
- 3. CakePHP 2.2.2 Auth使用不记录用户?
- 4. AngularJS使用JWT记住我的功能Auth
- 5. cakePHP - 记住搜索FIlters
- 6. 记住与Auth模块的会话吗?
- 7. CakePHP-AjaxMultiUpload和Auth
- 8. cakephp auth loginRedirect
- 9. DotNetOpenAuth记住我
- 10. Cakephp 2.x与Auth组件与不同模型卡住
- 11. 记住我使用codeigniter
- 12. Cakephp auth session not chrome
- 13. 记住我和restful_authentication
- 14. “记住我”在ASP.Net
- 15. PHP记住我,COOKIE
- 16. 记住我的cookie
- 17. Jasig CAS:记住我
- 18. 记住我与zend_auth
- 19. CakePHP登录()与'记住我'导致无限循环
- 20. 在Spring Security中记住我只记住用户名
- 21. 我的“记住我” - 特色
- 22. 从外面访问cakephp会话(auth)cakephp
- 23. 用户使用'记住我'登出
- 24. Cakephp Auth-> loginredirect问题
- 25. CakePHP 2.0 Auth登录无效
- 26. cakephp:$ this-> Auth-> allow
- 27. Cakephp auth登录问题?
- 28. CakePHP - auth组件的问题
- 29. CakePHP Auth允许JSON扩展
- 30. CakePHP Auth无盐登录
你对这个问题不再有兴趣吗?您对任何答案都没有提供任何反馈。 – Hoff
你可能想看看https://github.com/delight-im/PHP-Auth,它既是框架不可知的,也是与数据库无关的。 – caw