0

为了使所有控制器和操作都需要登录,我在Yii2 中所说的需要所有控制器和操作才能登录,并将以下代码添加到 web.php

'as beforeRequest' => [
        'class' => 'yii\filters\AccessControl',
        'rules' => [
                [
                        'allow' => true,
                        'actions' => ['login', 'forgot'],
                ],
                [
                        'allow' => true,
                        'roles' => ['@'],
                ],

        ],
        'denyCallback' => function () {
                return Yii::$app->response->redirect(['user/login']);
        },
],

但问题是忘记密码等所有其他操作都被重定向到登录页面,我想从登录所需条件中排除用户/忘记路由。请帮忙!

谢谢

4

2 回答 2

1

我知道我迟到了 3 年,但它可能对寻找这个答案的其他人有用:)

在 config/web.php

$config => [
/* ... */
    'as AccessBehavior' => [
    'class' => 'app\components\AccessBehavior',
    'allowedRoutes' => [
        '/auth/register',
        '/auth/forgot',
        '/auth/resend',
    ],
    'redirectUri' => '/auth/login',
],
/* ... */

然后在你的根项目中创建一个“components”文件夹,并使用以下代码创建一个“components\AccessBehavior.php”文件:

<?php

namespace app\components;

use Yii;
use yii\base\Behavior;
use yii\console\Controller;
use yii\helpers\Url;

class AccessBehavior extends Behavior
{
    protected $redirectUri;
    protected $allowedRoutes = [];
    protected $allowedUrls = [];

    public function setRedirectUri($uri)
    {
        $this->redirectUri = $uri;
    }    
    public function setAllowedRoutes(array $routes)
    {
        if (count($routes)) {
            foreach ($routes as $route) {
                $this->allowedUrls[] = Url::to($route);
            }
        }
        $this->allowedRoutes = $routes;
    }
    public function init()
    {
        if (empty($this->redirectUri)) {
            $this->redirectUri = Yii::$app->getUser()->loginUrl;
        }
    }   
    private function removeParams()
    {
        //enabled pretty url
        if (strpos(Yii::$app->getRequest()->url, "?") === false) 
        {
            $requestUrl = explode('/', Yii::$app->getRequest()->url);
            $params = array_values(Yii::$app->getRequest()->queryParams);
            $result = implode('/', array_diff($requestUrl, $params));
        } 
        else 
        {//not enabled pretty url
            $result = explode("?", \Yii::$app->getRequest()->url);
        }
        return $result;
    }    
    public function events()
    {
        return [Controller::EVENT_BEFORE_ACTION => 'beforeAction'];
    }

    public function beforeAction()
    {
        $requestUrl = $this->removeParams();
        if (Yii::$app->user->isGuest)
        {
            if ($requestUrl !== Url::to($this->redirectUri) && !in_array($requestUrl, $this->allowedUrls))
            {
                Yii::$app->getResponse()->redirect($this->redirectUri)->send();  
                exit(0);
            }
        }
    }
}

此代码仅检查用户是否已登录并检查请求的路线。如果访客用户正在访问允许的路由(您可以在配置中添加允许的路由)什么都不做,否则将用户重定向到登录页面:) 在上面的代码中,我将 dektrium 前缀路由设置为“auth”。当然在允许的路由中,你要设置你实际使用的路由,让用户注册、确认、修改密码..

于 2019-08-21T07:47:40.573 回答
0

尚未对其进行测试,但它应该可以工作。

'denyCallback'=>function() {
          if($this->action->id == 'forgot')
                return Yii::$app->response->redirect(['whatever/whatever']);
          else
                return Yii::$app->response->redirect(['user/login']);
},...
于 2016-03-03T10:29:19.837 回答