1

这是AppController.php中的组件声明>

'Auth' => array(
    'authenticate' => array(
        'Form' => array(
            'userModel' => 'User',
            'fields' => array('username' => 'email', 'password' => 'code'),
            'scope' => array('activated' => true),
        ),
    ),
    'loginAction' => array('controller' => 'users', 'action' => 'login'),
    'loginRedirect' => array('controller' => 'members', 'action' => 'dashboard', 'admin' => true),
    'authError' => 'No Permission',
    'logoutRedirect' => array('controller' => 'pages', 'action' => 'home'),
    'userScope' => array('User.activated' => true),
),

登录表格:

<?= $this->Form->create('User', array('url' => '/users/login', 'class' => 'form-inline'));?>
    <div class="form-group">
        <?= $this->Form->input('User.email', array(
            'div' => false,
            'label' => false,
            'placeholder' => 'е-пошта',
            'class' => 'form-control',
            'required' => true,
        ));?>
        <?= $this->Form->input('User.code', array(
            'div' => false,
            'label' => false,
            'placeholder' => 'сериски број',
            'class' => 'form-control',
            'required' => true,
        ));?>
        <?= $this->Form->button('<i class="fa fa-user"></i>', array('type' => 'submit', 'class' => 'btn btn-primary', 'escape' => false));?>
    </div>
<?= $this->Form->end();?>

以及登录功能的片段:

// ...
if($this->request->is('post')) {
    if($this->Auth->login()) {
        if(isset($this->request->data['User']['token']) && $this->request->data['User']['token']) {
            $token = substr(md5(time()), 0, 32);
            $this->User->id = $this->Auth->user('id');
            $this->User->saveField('token', $token);
            $this->Cookie->write('remember_me', $token, false, '1 week');
        }
        return $this->redirect($this->Auth->loginRedirect);
    }
    // ...

现在,当我使用$this->Auth->login($this->request->data)or时$this->Auth->login($this->request->data['User']),它可以工作,但是当我只使用它时,$this->Auth->login()它就不行了。我可以通过登录来解决问题$this->request->data,然后手动将其余用户数据放入以后可用,但我想知道为什么会发生这种情况。有任何想法吗?

编辑

所以,正如 Karthik Keyan 提到的哈希,我认为这就是问题所在。CakePHP 会自动对密码(代码字段)进行哈希处理,而我不希望它这样做。所以我制作了一个名为 NoPasswordHasher 的自定义哈希类,如下所示:

App::uses('AbstractPasswordHasher', 'Controller/Component/Auth');

class NoPasswordHasher extends AbstractPasswordHasher {
    public function hash($password) {
        return $password;
    }

    public function check($password, $hashedPassword) {
        return $password == $hashedPassword;
    }
}

并在 Auth 组件中使用它:

'Auth' => array(
    'authenticate' => array(
        'Form' => array(
            'userModel' => 'User',
            'fields' => array('username' => 'email', 'password' => 'code'),
            'scope' => array('activated' => true),
            'passwordHasher' => 'No',
        ),
    ),

现在可以了。谢谢你。

4

1 回答 1

1

告诉您可以显示哪种类型的错误。请检查您是否可以以 HASH(盐)格式存储密码。

于 2015-06-03T10:10:02.200 回答