1

我有两种类型的用户,现在我不想使用 ACL。使用 Auth 组件,我想实现以下目标

login() -> 允许用户登录和访问网站的一般部分 admin_login -> 允许管理员访问网站的 admin_{actions} 部分。

当我进行管理员登录时 - >我想检查用户模块中的 group_id = 1 是否允许他们登录到网站的管理部分。

function admin_login(){
    $this->layout = 'admin_login';

    if($this->request->is('post')) {
        if($this->Auth->login()) {
            $this->redirect($this->Auth->redirect());
        } else {
            $this->Session->setFlash(__('Invalid username and password, try again'));
        }
    }
}

用户登录时如何检查group_id = 1?

4

1 回答 1

4

我会做这样的事情:

function admin_login(){
    $this->layout = 'admin_login';

    if($this->request->is('post')) {
        if($this->Auth->login()) {
            // If here because user is logged in
            // Check to see if group_id is 1
            if($this->Auth->user('group_id') == 1){
                //$this->redirect($this->Auth->redirect());
                $this->redirect('/admin/dashboards'); //Example
            }else{
                // In case a user tries to login thru admin_login
                // You should log them in anyway and send them to where they belond
                $this->redirect('/users/account'); 
            }
        } else {
            $this->Session->setFlash(__('Invalid username and password, try again'));
        }
    }
}
于 2012-04-10T02:46:49.390 回答