1

I am working on an existing project that has two areas that can be logged into: an admin section and the front end.

Currently the admin section has a login action and the front end has its own login action. Admin logs in using a database table specifically for admin accounts; the front end is logged in using a different table altogether.

If the admin is logged in and tries to then log into the front end they are prompted to log in as a front end user (needed because front end users get completely different content based on projects they are associated with and admin is not associated with one particular project).

Once logged in as a front end user, their admin credentials are gone and they have to log in again if they try to reenter the admin section.

I want to make it so that the admin can be logged into the admin section AND log in as a specific front end user, thus being able to switch back and forth between the two sections of the site without having to log in again.

What is the best way to handle this within the Zend Framework?

So far I am thinking of losing the separate login actions and having just one (there is no need for two, correct?) and then I have to deal with allowing separate credentials.

Currently, logging in as a front end user results in the admin user having to log back in to access the admin area. Is this because some $_SESSION credential is being overwritten? Do I need to somehow create a custom $_SESSION variable to handle this the ZF way?

Obviously I can't just directly assign a value to $_SESSION['front_end'] or $_SESSION['admin'] (which I would have done back in the day) so how would I do this within Zend Framework?

Thanks!

4

1 Answer

1

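First question: do you really need to do this? Assuming admin users have access to all projects, the typical approach would be to give admins a dropdown in the front end that lists all projects and lets them switch between them. Once they select one, the selection is stored in their session and they can view the data as if they were logged in as one of those users. They can then switch between projects at will.

If you really need two logins, this should certainly be possible. By default Zend_Auth uses the Zend_Auth_Storage_Session class to store the authentication result in the session. By default this class uses the session namespace "Zend_Auth" (i.e. the data is stored in $_SESSION['Zend_Auth']), so when your front end user successfully logs in to admin, their session authentication data gets overwritten by the result of the admin authentication. So what you want to do is get Zend_Auth_Storage_Session to use a different namespace for admin logins (or a custom namespace for each).

In theory, you should be able to do something like this: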

public function loginAction()
{
    $auth = Zend_Auth::getInstance();
    if (...) { // check some condition that returns true for admin logins
        // setup storage with custom admin namespace (can be any string)
        $authStorage = new Zend_Auth_Storage_Session('Yourapp_Admin_Auth');
    } else {
        // use defaults
        $authStorage = new Zend_Auth_Storage_Session();
    }
    $auth->setStorage($authStorage);

    // carry on login as normal
    [...]
}

So, what this does is get Zend_Auth to use $_SESSION['Yourapp_Admin_Auth'] for admin logins and the default $_SESSION['Zend_Auth'] for front end logins.

Answered 2010-09-27T20:30:42.057
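
An added example, not part of the original answer: the same namespace split applied on every request through a front controller plugin, so the admin gate only ever reads the admin namespace. The class name, the "admin" module name, the auth/login route and the helper function are assumptions.

```php
<?php
// Added example, not the answerer's code. Assumes Zend Framework 1 and an
// admin area routed as a module named "admin" with an auth/login action
// (hypothetical names; adjust to your routing).
class Yourapp_Plugin_AuthNamespace extends Zend_Controller_Plugin_Abstract
{
    const ADMIN_NAMESPACE = 'Yourapp_Admin_Auth'; // namespace from the answer

    public function preDispatch(Zend_Controller_Request_Abstract $request)
    {
        $isAdminArea = ($request->getModuleName() === 'admin');

        // Zend_Auth falls back to the default 'Zend_Auth' namespace on each
        // new request, so pick the storage before anything calls
        // hasIdentity(), getIdentity() or authenticate().
        $storage = $isAdminArea
            ? new Zend_Auth_Storage_Session(self::ADMIN_NAMESPACE)
            : new Zend_Auth_Storage_Session();
        $auth = Zend_Auth::getInstance();
        $auth->setStorage($storage);

        // Gate the admin area on the admin namespace only, so a front-end
        // identity in $_SESSION['Zend_Auth'] never satisfies this check.
        $isLogin = $request->getControllerName() === 'auth'
            && $request->getActionName() === 'login';
        if ($isAdminArea && !$isLogin && !$auth->hasIdentity()) {
            $request->setControllerName('auth')->setActionName('login');
        }
    }
}

// In the login action, after $auth->authenticate($adapter) returns:
function yourapp_after_login(Zend_Auth_Result $result)
{
    if ($result->isValid()) {
        // New session id on every privilege change (session fixation).
        // Both namespaces live in the same session and survive this call.
        Zend_Session::regenerateId();
    }
    return $result->isValid();
}

// In the bootstrap:
Zend_Controller_Front::getInstance()
    ->registerPlugin(new Yourapp_Plugin_AuthNamespace());
```

With the storage selected this way, Zend_Auth::getInstance()->clearIdentity() logs out only the area being requested, because it clears just the namespace currently set as storage.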