Yii:用户身份验证不起作用

时间:2012-05-03 22:36:28

标签: php yii

所以我尝试登录Yii中的应用程序,它似乎停在他们的站点控制器的验证或登录功能。它从不登录它从来没有做任何有用的事情。没有任何显示,没有错误,nada zip

我关注的是:http://www.larryullman.com/2010/01/04/simple-authentication-with-the-yii-framework/

UserIdentity类:

class UserIdentity extends CUserIdentity

public function authenticate()
{

        $user = User::model()->findByAttributes(array('username'=>$this->username));
        $saltedPW = ""; // null string for salted PW

        if ($user===null) { // No user found!
                $this->errorCode=self::ERROR_USERNAME_INVALID;
        }

        if ($user!==null){
            // salt the user password string then hash
            // incase $user pw is not a salted hash, rather a password string
            $saltedPW = md5(Yii::app()->params["salt"] . $user->password);

            //testing the password 
            if (($user->password !== $this->password) || 
                ($saltedPW       !== $this->password))
            {
                    $this->errorCode=self::ERROR_PASSWORD_INVALID;
            } 
            else 
            {
                    $this->errorCode=self::ERROR_NONE;
            }
        }
    return !$this->errorCode;
    }

}

从站点控制器登录:

public function actionLogin()
{
    $model=new LoginForm;

    // if it is ajax validation request
    if(isset($_POST['ajax']) && $_POST['ajax']==='login-form')
    {
        echo CActiveForm::validate($model);
        Yii::app()->end();
    }

    // collect user input data
    if(isset($_POST['LoginForm']))
    {
        $model->attributes=$_POST['LoginForm'];
        // validate user input and redirect to the previous page if valid
        if($model->validate() && $model->login())
                    {
                        $this->redirect(Yii::app()->user->returnUrl);
                    }
                    else
                    {
                       $this->render('login',array('model'=>$model)); 
                    }
    }
    // display the login form
    $this->render('login',array('model'=>$model));
}

登录表单

class LoginForm extends CFormModel
{
    public $username;
    public $password;
    public $rememberMe;
    private $_identity;

    /**
     * Declares the validation rules.
     * The rules state that username and password are required,
     * and password needs to be authenticated.
     */
    public function rules()
    {
        return array(
            // username and password are required
            array('username, password', 'required'),
            // rememberMe needs to be a boolean
            array('rememberMe', 'boolean'),
            // password needs to be authenticated
            array('password', 'authenticate'),
        );
    }

    /**
     * Declares attribute labels.
     */
    public function attributeLabels()
    {
        return array(
            'rememberMe'=>'Remember me next time',
        );
    }

    /**
     * Authenticates the password.
     * This is the 'authenticate' validator as declared in rules().
     */
    public function authenticate($attribute,$params)
    {
        if(!$this->hasErrors())
        {
            $this->_identity=new UserIdentity($this->username,$this->password);
            if(!$this->_identity->authenticate())
                $this->addError('password','Incorrect username or password.');
        }
    }

    /**
     * Logs in the user using the given username and password in the model.
     * @return boolean whether login is successful
     */
    public function login()
    {
        if($this->_identity===null)
        {
            $this->_identity=new UserIdentity($this->username,$this->password);
            $this->_identity->authenticate();
        }
        if($this->_identity->errorCode===UserIdentity::ERROR_NONE)
        {
            $duration=$this->rememberMe ? 3600*24*30 : 0; // 30 days
            Yii::app()->user->login($this->_identity,$duration);
            return true;
        }
        else
            return false;
    }

}

1 个答案:

答案 0 :(得分:1)

我刚用这个及其工作替换了UserIdentity类。

保护/组件/ UserIdentity.php

<?php

/**
 * UserIdentity represents the data needed to identity a user.
 * It contains the authentication method that checks if the provided
 * data can identity the user.
 */
class UserIdentity extends CUserIdentity {

    /**
     * Id for current user.
     * @var type 
     */
    private $_id;

    /**
     * Email address variable.
     * @var type 
     */
    public $email;

    /**
     * Custom error indicators.
     */

    const ERROR_EMAIL_INVALID = 3;
    const ERROR_ACCOUNT_INACTIVE = 4;

    /**
     * Over-ride the parent constructor and uses email for auth.
     * @param type $email
     * @param type $password
     */
    public function __construct($email, $password) {
        $this->email = $email;
        $this->username = $email;
        $this->password = $password;
    }

    public function authenticate() {
        // we need to filter on email only
        $attrs = array('email' => $this->email);
        // obtain all users matching this criterion
        $record = User::model()->findByAttributes($attrs);
        // if no users are obtained, we need to set custom message.
        if ($record === null)
            $this->errorCode = self::ERROR_EMAIL_INVALID;
        // if password does not match, indicate this via message.
        else if ($record->password !== crypt($this->password, $record->password))
            $this->errorCode = self::ERROR_PASSWORD_INVALID;
        // check if user account is enabled.
        else if ($record->is_authorised == 0)
            $this->errorCode = self::ERROR_ACCOUNT_INACTIVE;
        else {
            // all check passed, now initiate a whatevr.
            $this->_id = $record->id;
            $this->email = $this->username = $record->email;
            // no error occurred.
            $this->errorCode = self::ERROR_NONE;
        }
        // return the errorCode.
        return $this->errorCode;
    }

    /**
     * Returns ID.
     * @return type
     */
    public function getId() {
        return $this->_id;
    }

    /**
     * Returns username, part before '@' sign.
     * @return type
     */
    public function getName() {
        $usernameParts = explode('@', $this->email);
        return $usernameParts[0];
    }

}