0

我知道这是一个过分的问题,但我无法在所有答案中找到解决方案。也许你可以帮助我。我正在尝试登录用户,但出现“用户名/密码无效”错误且数据正确。这是我第一次使用 cakePHP。

到代码。

模型: 

App::uses('AppModel','Model');

Class User extends AppModel {

    public $useTable = 'Users';

    public $hasMany = array(
        'Costumer' => array(
            'className' => 'Costumer',
            'foreignKey' => 'users_id',
            'order' => 'Costumer.name ASC'
        )
    );

    //Suppressed the validation code, don't think it's important here

    public function beforeSave($options = array()){
        if (!empty($this->data['User']['pwd'])) {
            $this->data['User']['passwd'] = Security::hash($this->data['User']['pwd']);
        }
    }
}

控制器:

App::uses('AppController', 'Controller');

class UsersController extends AppController{

public $helpers = array('Html', 'Form');
public $name = 'Users';
public $components = array('Auth','Session');

public function beforeFilter(){
    parent::beforeFilter();
    $this->Auth->allow('add');
}

public function login(){
    //Tests
    $userEmail = $this->User->findByEmail($this->request->data['User']['email']);
    $userPass = $this->User->findByPasswd(Security::hash($this->request->data['User']['passwd']));
    die(var_dump($userEmail, $userPass));

    if ($this->request->is('post')) {
        $this->request->data['User']['passwd'] = Security::hash($this->request->data['User']['passwd']);
        if ($this->Auth->login()){
            return $this->redirect($this->Auth->redirectUrl());
        } else {
            $this->Session->setFlash(__('E-mail e/ou usuário incorretos, tente novamente.'));
        }
    }
}

看法:

<div class="row" style="margin-top: 40px;">
<div class="col-lg-8">

</div>
<div id="login" class="col-lg-2" style="background-color: #eee">
    <h3>Conecte-se.</h3>
    <?php 
        echo $this->Form->create('User', array(
            'label' => 'login', 
            'class' => 'form-horizontal form-group'
            )
        );
        echo $this->Form->input('email', array(
            'label' => 'E-mail',
            'class' => 'form-control',              
            )
        );
        echo $this->Form->input('passwd', array(
            'label' => 'Senha',
            'class' => 'form-control', 
            )
        );
        echo '<br />';
        echo $this->Form->end(array(
            'label' => 'Entrar', 
            'class' => 'btn btn-success'
            )
        );
     ?>
</div>

我的 AppController.php 有:

class AppController extends Controller {
//public $components = array('DebugKit.Toolbar');

public $components = array(
    'Session',
    'Auth' => array(
        'loginRedirect' => array('controller' => 'pages', 'action' => 'display', 'homemk'),
        'logoutRedirect' => array('controller' => 'pages', 'action' => 'display', 'homemk'),
        'authenticate' => array(
            'Form' => array(
                'fields' => array('username' => 'email', 'password' => 'passwd'),
                'passwordHasher' => 'Blowfish'
            )
        ),
        'authError' => 'Para visualizar esta página, você precisa estar logado.'
    )
);

public function beforeFilter(){
    $this->Auth->allow('display');      
    $this->set('authUser', $this->Auth->user());

}

}

疯狂的是,UsersController 的两条线

$userEmail = $this->User->findByEmail($this->request->data['User']['email']);


$userPass = $this->User->findByPasswd(Security::hash($this->request->data['User']['passwd']));

返回我尝试登录的用户,所以它似乎不是数据错误。

伙计们!我在这里想念什么?

谢谢。

编辑

由于我还没有找到以“优雅”方式执行此操作的任何方法,因此我编写了一个虚拟解决方法。它根据数据库手动检查请求-> 数据值并手动登录用户。这是一个临时解决方案,我稍后再讨论。

public function login(){
    if ($this->request->is('post')) {
        $user = $this->User->findByEmail($this->request->data['User']['email']);            
        if (!empty($user) && ($user['User']['passwd'] == Security::hash($this->request->data['User']['passwd']))){
            $this->Auth->login($this->request->data);
            return $this->redirect($this->Auth->redirectUrl());
        } else {
            $this->Session->setFlash(__('E-mail e/ou usuário incorretos, tente novamente.'));
        }
    }
}
4

1 回答 1

0

我不熟悉 Auth 组件的 passwordHasher 属性,也不熟悉 Blowfish。

你应该使用 Cake 的内置密码哈希

用户模型

public function beforeSave() {
    if (isset($this->data['User']['passwd'])) {
        $this->data['User']['passwd'] = AuthComponent::password($this->data['User']['passwd']);
    }
    return true;
}

应用控制器

public $components = array(
    'Session',
    'Auth' => array(
        'loginRedirect' => array('controller' => 'pages', 'action' => 'display', 'homemk'),
        'logoutRedirect' => array('controller' => 'pages', 'action' => 'display', 'homemk'),
        'authenticate' => array(
            'Form' => array(
                'fields' => array('username' => 'email', 'password' => 'passwd'),
            )
        ),
        'authError' => 'Para visualizar esta página, você precisa estar logado.'
    )
);

用户控制器

public function login() {
    if ($this->request->is('post')) {
        if ($this->Auth->login()){
            return $this->redirect($this->Auth->redirectUrl());
        } else {
            $this->Session->setFlash(__('E-mail e/ou usuário incorretos, tente novamente.'));
        } // end if cannot log in
    } // end if no form submitted
} // end login
于 2013-08-09T12:38:35.253 回答