0

我是 Slim 框架的新用户,我有一个简单的 Slim 3 应用程序,具有登录和注册验证功能。但是我不确定这是否是设置错误并检查用户是否登录的正确/最佳方法-如果会话user.id存在,则将其重定向到他的帐户。

我使用了一个中间件:AuthMiddleware其中包括:

class AuthMiddleware
{
protected $container;

public function __construct($container)
{
    $this->container = $container;
}

public function __invoke($request, $response, $next)
{
    if (isset($_SESSION['user.id']) && !empty($_SESSION['user.id'])) {
        return $response->withRedirect($this->container->router->pathFor('user.index'));
    }

    $twig = $this->container->view->getEnvironment();

    if (isset($_SESSION['validation'])) {
        $twig->addGlobal('errors', $_SESSION['validation']['errors']);
        $twig->addGlobal('values', $_SESSION['validation']['values']);
        unset($_SESSION['validation']);
    }

    if (isset($_SESSION['auth.signup.success'])) {
        $twig->addGlobal('auth_signup_success', $_SESSION['auth.signup.success']);
        unset($_SESSION['auth.signup.success']);
    }

    if (isset($_SESSION['auth.signin.failed'])) {
        $twig->addGlobal('auth_signin_failed', $_SESSION['auth.signin.failed']);
        unset($_SESSION['auth.signin.failed']);
    }

    $response = $next($request, $response);

    return $response;
}
}

我用Twig我的观点。validation其中分配的会话validator.php包括:

class Validator
{
protected $errors = [];
protected $values = [];

public function validate($request, $rules)
{
    foreach ($rules as $field => $rule) {
        $this->values[$field] = $request->getParam($field);
        try {
            $rule->setName(ucfirst($field))->assert($request->getParam($field));
        } catch (NestedValidationException $e) {
            $this->errors[$field] = $e->getMessages()[0];
        }
    }

    if ($this->failed()) {
        $_SESSION['validation'] = [
            'errors' => $this->errors,
            'values' => $this->values,
        ];
    }

    return $this;
}

public function failed()
{
    return !empty($this->errors);
}
}

使用Respect\Validation. 另外,这是正确的用法Middlewares吗?

提前致谢。

4

1 回答 1

1

尝试为方法创建一个单独的文件,并从中间件调用它:

<?php 
    class AuthMiddleware extends Middleware {
        public function __invoke($request, $response, $next) {
            if (!$this->container->auth->check()) {
                $this->container->flash->addMessage('danger', 'Please sign in to continue.');
            return $response->withRedirect($this->container->router->pathFor('auth.signin'));
            }
            $response = $next($request, $response);
            return $response;
        }
    }

而 Auth 类将有这些方法来检查:

<?php
    public function check () {
        return isset($_SESSION['user']);
    }

    public function user() {
        if (isset($_SESSION['user'])) {
            return User::find($_SESSION['user'])->first();
        } else {
            return false;
        }
    }

不要忘记在$app中包含Auth类:

<?php 
    $container['auth'] = function ($container) {
        return new \App\Auth\Auth();
    };
于 2016-12-12T13:26:57.200 回答