14

私は Auth を正常に使用しましたが、残念ながら、Session でのみ機能するようです。ユーザーが「Remember Me」チェックボックスをオンにすると、Cookie を使用して、2 週間ログインできるようになります。公式の本には何も見つかりませんでした。Google では、あまり良くないブログ記事をいくつか見つけました。コアを書き直さずにこれを実装する方法はありますか?

4

8 に答える 8

48

ユーザーコントローラーで:

public function beforeFilter() {
    $this->Auth->allow(array('login', 'register'));
    parent::beforeFilter();
}

public function login() {
    if ($this->request->is('post')) {

        if ($this->Auth->login()) {

            // did they select the remember me checkbox?
            if ($this->request->data['User']['remember_me'] == 1) {
                // remove "remember me checkbox"
                unset($this->request->data['User']['remember_me']);

                // hash the user's password
                $this->request->data['User']['password'] = $this->Auth->password($this->request->data['User']['password']);

                // write the cookie
                $this->Cookie->write('remember_me_cookie', $this->request->data['User'], true, '2 weeks');
            }

            return $this->redirect($this->Auth->redirect());

        } else {
            $this->Session->setFlash(__('Username or password is incorrect.'));
        }
    }

    $this->set(array(
        'title_for_layout' => 'Login'
    ));
}

public function logout() {
    // clear the cookie (if it exists) when logging out
    $this->Cookie->delete('remember_me_cookie');

    return $this->redirect($this->Auth->logout());
}

ログインビューで:

<h1>Login</h1>

<?php echo $this->Form->create('User'); ?>
    <?php echo $this->Form->input('username'); ?>
    <?php echo $this->Form->input('password'); ?>
    <?php echo $this->Form->checkbox('remember_me'); ?> Remember Me
<?php echo $this->Form->end('Login'); ?>

AppController で:

public $components = array(
    'Session',
    'Auth',
    'Cookie'
);

public $uses = array('User');

public function beforeFilter() {
    // set cookie options
    $this->Cookie->key = 'qSI232qs*&sXOw!adre@34SAv!@*(XSL#$%)asGb$@11~_+!@#HKis~#^';
    $this->Cookie->httpOnly = true;

    if (!$this->Auth->loggedIn() && $this->Cookie->read('remember_me_cookie')) {
        $cookie = $this->Cookie->read('remember_me_cookie');

        $user = $this->User->find('first', array(
            'conditions' => array(
                'User.username' => $cookie['username'],
                'User.password' => $cookie['password']
            )
        ));

        if ($user && !$this->Auth->login($user['User'])) {
            $this->redirect('/users/logout'); // destroy session & cookie
        }
    }
}
于 2012-09-18T15:20:40.490 に答える
6

この URL を参照してください。非常に役立つと思います。

http://lecterror.com/articles/view/cakephp-and-the-infamous-remember-me-cookie

またはこれを試してください

function login() {
    if ($this->Auth->user()) {
        if (!empty($this->data) && $this->data['User']['remember_me']) {
            $cookie = array();
            $cookie['username'] = $this->data['User']['username'];
            $cookie['password'] = $this->data['User']['password'];
            $this->Cookie->write('Auth.User', $cookie, true, COOKIE_EXPIRE);
            unset($this->data['User']['remember_me']);
        }

        $this->LogDetail->Write('activity','has logged IN');
        $this->redirect($this->Auth->redirect());
    }

    if (empty($this->data)) {
        $cookie = $this->Cookie->read('Auth.User');
        if (!is_null($cookie)) {
            if ($this->Auth->login($cookie)) {
                $this->Session->destroy('Message.Auth'); # clear auth message, just in case we use it.
                $this->LogDetail->Write('activity','has been authenticated via cookie and is now logged IN');

                $this->redirect($this->Auth->redirect());
            } else {
                $this->LogDetail->Write('activity','attempted to gain access with an invalid cookie');
                $this->Cookie->destroy('Auth.User'); # delete invalid cookie

                $this->Session->setFlash('Invalid cookie');
                $this->redirect('login');
            }
        }
    }
}
于 2012-09-16T18:31:09.270 に答える
5

CookeAuthenticate アダプターを使用します。

https://github.com/ceeram/Authenticate/blob/master/Controller/Component/Auth/CookieAuthenticate.php

ここで詳細情報:

https://github.com/ceeram/Authenticate/wiki/Set-Cookie

于 2012-09-21T08:58:21.263 に答える
3

私は Cookie で識別されるセッションに他ならないことを思い出してください。ただし、Cookie の有効期間は無限に設定されています。セッション Cookie の有効期間については、Config/core.php を参照してください。

于 2012-09-16T15:10:01.797 に答える
0
 public function admin_login() {
        $this->layout = 'admin_login';
        if (count($this->Session->read("Auth.User"))) {
            $usr = $this->Session->read("Auth.User");
            if ($usr['role'] == 'A' || $usr['role'] == 'RA' || $usr['role'] == 'MAfA' || $usr['role'] == 'Af' || $usr['role'] == 'FAA')
                return $this->redirect(array('controller' => 'dashboard', 'action' => 'view'));
        }
        if ($this->request->is('post')) {

            if ($this->request->data['User']['remember_me']=="1") {
//                pr($this->request->data);
//                die('sdd');


                $this->Cookie->write('username', $this->request->data['User']['username'], true, '1 year');
                $this->Cookie->write('password', $this->request->data['User']['password'], true, '1 year');
            } else {
                $this->Cookie->destroy();
            }
            /*
             * Check if email or username is passed in form
             */
            $uname = $this->request->data['User']['username'];
            //login via email
            if (filter_var($uname, FILTER_VALIDATE_EMAIL)) {
                $u = $this->User->findByemail($uname);
            } else { //login via username
                $u = $this->User->findByusername($uname);
            }
            if ($u) {
                $this->request->data['User']['username'] = $u['User']['username'];
                /*                 * *
                 * Error if user is not active
                 */
                if ($u['User']['user_status'] != 'active') {
                    $this->Session->setFlash(__('Sorry! Your account is not active.'), 'default', array('class' => 'alert alert-danger'));
                } elseif ($this->Auth->login()) { //if logged in
                    $user_caps = $this->fetchCapabilitiesByRole($u['User']['role']);
                    $this->Session->write("Auth.User.privileges", array('capabilities' => $user_caps['capabilities'], 'geo_areas' => array()));
                    if ($u['User']['role'] == 'A' || $u['User']['role'] == 'RA' || $u['User']['role'] == 'Af' || $u['User']['role'] == 'MAfA' || $u['User']['role'] == 'FAA')
                        return $this->redirect(array('controller' => 'dashboard', 'action' => 'view'));
                    return $this->redirect($this->Auth->redirect());
                }else { //if invalid
                    $this->Session->setFlash(__('Invalid username or password.'), 'default', array('class' => 'alert alert-danger'));
                }
            } else {//if user does not exists
                $this->Session->setFlash(__('User does not exists.'), 'default', array('class' => 'alert alert-danger'));
            }
        }
    }
于 2015-03-05T09:37:40.767 に答える
0

CakePHP のセキュリティ レベルについて知っておく必要があると思います。CakePHP のセキュリティを下げてみてください。CakePHP の Config 変数のドキュメント。私もかなり前にブログを書いていました。

于 2012-09-25T11:01:21.423 に答える
-1

質問に回答してからしばらく経ちましたが、これが私の後に来る人に役立つことを願っています.

CeeramのAuhenticateプラグインを使用して「remember me」機能をセットアップする方法についての簡単なウォークスルーを書きました

詳細はこちら: http://mirkoborivojevic.com/posts/2013/08/10/setup-remember-me-functionality-in-cakephp/

于 2013-08-11T07:48:51.300 に答える