2

我希望 auth 组件允许用户登录输入用户名或电子邮件。在我的用户表中,两个字段 - userName 和 userEmail 都是唯一的。在注册时,密码生成如下:

sha1($用户名.$密码);

问题是用户无法使用电子邮件登录。

应用控制器

 var $components = array('Auth');

 public function beforeFilter(){

if(isset($this->params['prefix']) && $this->params['prefix'] == 'webadmin') {

       $this->Auth->userModel = 'Admin';
      $this->Auth->logoutRedirect = $this->Auth->loginAction = array('prefix' => 'webadmin', 'controller' => 'login', 'action' => 'index');
        $this->Auth->loginError = 'Invalid Username/Password Combination!';
        $this->Auth->authError = 'Please login to proceed further!';
         $this->Auth->flashElement = "auth.front.message";
        $this->Auth->loginRedirect = array('prefix'=>'webadmin', 'controller'=>'dashboard', 'action'=>'index');
            }
          else{


         $this->layout="front";  

        //$this->Auth->autoRedirect = false;

        // $this->Auth->logoutRedirect = $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
    //   $this->Auth->loginRedirect = array('controller'=>'blogs', 'action'=>'index');
         $this->Auth->fields = array(
            'username' => 'userName',
            'password' => 'password'
           );
          $this->Auth->userScope = array('User.status'=>1); 

         $this->Auth->loginError = "The username/email and password you entered doesn't match our records.";
         $this->Auth->authError = 'Please login to view this page!';
         $this->Auth->flashElement = "auth.front.message";
         $this->Auth->loginRedirect = array('controller'=>'profiles', 'action'=>'index');

    }

用户控制器:登录功能如下:

if(!empty($this->data))
{ 
   // Try to login with Email
    if (!empty($this->Auth->data)) {
    // save username entered in the login form
    $username = $this->Auth->data['User']['userName'];

    // find a user by e-mail
    $find_by_email = $this->User->find('first', array(
                    'conditions' => array('userEmail' => $this->Auth->data['User']['userName']),
                    'fields' => 'userName'));
        // found
        if (!empty($find_by_email))
        {

        $this->Auth->data['User']['userName'] = $find_by_email['User']['userName'];
        $this->data['User']['password']=$this->Auth->data['User']['password'];

          if (!$this->Auth->login($this->data)) {

            // login failed
            // bring back the username entered in the login form
            $this->Auth->data['User']['username'] = $username;
          } else {
          $this->Session->delete('Message.auth');
          // redirect
          if ($this->Auth->autoRedirect) {
          $this->redirect($this->Auth->redirect(), null, true);
          }
        }
       }
    }
}

Auth.php:(我在使用 cakephp 会话自动登录 SMF 论坛时,对密码的生成方式进行了一些更改。)

    function login($data = null) {
 $data['User.password'] = sha1(strtolower($data['User.userName']) . $_POST['data']['User']['password']);


        $this->__setDefaults();
        $this->_loggedIn = false;

        if (empty($data)) {
            $data = $this->data;
        }

        if ($user = $this->identify($data)) {

            $this->Session->write($this->sessionKey, $user);
            $this->_loggedIn = true;
        }
        return $this->_loggedIn;
    }

我从这个链接获得了帮助,但是我没有在 auth.php 中的 $data['User.userName'] 中获得用户名,我在这里收到了电子邮件,所以密码错误并导致登录失败。

请帮忙。

4

2 回答 2

1

您的条件有错误,应该是:

'conditions' => array('userEmail' => $this->Auth->data['User']['email']),

您正在检查用户名。

于 2013-01-18T06:19:38.607 回答
0

我可以使它工作的唯一方法是修改蛋糕中的 auth.php。

App Controller 我在过滤器之前的代码中添加了这个:

 $this->Auth->fields = array(
        'username' => 'userName',
    'email'=>'userEmail',
        'password' => 'password'
     );

用户控制器我删除了所有额外的代码。

Auth.php 在以我想要的方式加密密码后,我对 identify 函数进行了更改以检查电子邮件。

function identify($user = null, $conditions = null) {
        if ($conditions === false) {
            $conditions = array();
        } elseif (is_array($conditions)) {
            $conditions = array_merge((array)$this->userScope, $conditions);
        } else {
            $conditions = $this->userScope;
        }
        $model =& $this->getModel();


        if (empty($user)) {
            $user = $this->user();
            if (empty($user)) {
                return null;
            }
        } elseif (is_object($user) && is_a($user, 'Model')) {
            if (!$user->exists()) {
                return null;
            }
            $user = $user->read();
            $user = $user[$model->alias];
        } elseif (is_array($user) && isset($user[$model->alias])) {
            $user = $user[$model->alias];
        }

        if (is_array($user) && (isset($user[$this->fields['username']]) || isset($user[$model->alias . '.' . $this->fields['username']]))) {
            if (isset($user[$this->fields['username']]) && !empty($user[$this->fields['username']])  && !empty($user[$this->fields['password']])) {
                if (trim($user[$this->fields['username']]) == '=' || trim($user[$this->fields['password']]) == '=') {
                    return false;
                }
                $find = array(
                    $model->alias.'.'.$this->fields['username'] => $user[$this->fields['username']],
                    $model->alias.'.'.$this->fields['password'] => $user[$this->fields['password']]
                );
            } elseif (isset($user[$model->alias . '.' . $this->fields['username']]) && !empty($user[$model->alias . '.' . $this->fields['username']])) {
                if (trim($user[$model->alias . '.' . $this->fields['username']]) == '=' || trim($user[$model->alias . '.' . $this->fields['password']]) == '=') {
                    return false;
                }

            // my code starts
            $user['User.userEmail']=$user['User.userName']; 
    //find username using email
        $find_by_email= $model->find('first', array(
                'fields' => array('User.userName','User.realpass'), 
                'conditions' => array($model->alias.'.'.$this->fields['email'] => $user[$model->alias . '.' . $this->fields['email']]),
                'recursive' => 0
            )); 



        if(!empty($find_by_email))
        {
        $uname=strtolower($find_by_email['User']['userName']);
        $pwd=$user[$model->alias . '.' . $this->fields['password']];
        }
        else
        {
        $uname=strtolower($user[$model->alias . '.' . $this->fields['username']]);
        $pwd=$user[$model->alias . '.' . $this->fields['password']];
        }
         $thepassword = sha1($uname.$pwd); // encrypt password


            // find user where username or email equals to the username passed  
                $find = array(
                    'OR' => array($model->alias.'.'.$this->fields['username'] => $user[$model->alias . '.' . $this->fields['username']], $model->alias.'.'.$this->fields['email'] => $user[$model->alias . '.' . $this->fields['username']]),
                    $model->alias.'.'.$this->fields['password'] => $thepassword
                );
            } else {
                return false;
            }


            $cond=array_merge($find, $conditions);

            $data = $model->find('first', array(
                'conditions' => $cond,
                'recursive' => 0
            ));

  // my code ends here

            if (empty($data) || empty($data[$model->alias])) {
                return null;
            }
        } elseif (!empty($user) && is_string($user)) {
            $data = $model->find('first', array(
                'conditions' => array_merge(array($model->escapeField() => $user), $conditions),
            ));
            if (empty($data) || empty($data[$model->alias])) {
                return null;
            }
        }

        if (!empty($data)) {
            if (!empty($data[$model->alias][$this->fields['password']])) {
                unset($data[$model->alias][$this->fields['password']]);
            }
            return $data[$model->alias];
        }
        return null;
    }

最后,我注释了密码加密代码以返回简单密码,以便我可以在上述函数中加密它所需的 wat。

function password($password) {
//return Security::hash($password, null, true);
 return $password;
}
于 2013-01-18T10:42:59.580 回答