使用员工模型的Auth组件;登录而不检查凭据

时间:2012-08-07 07:29:37

标签: cakephp

我试图在Auth组件中使用Employee模型而不是User模型。我的代码是:

AppController的 

public $components = array('Session','Auth');
function beforeFilter(){
    Security::setHash('md5');
    $this->Auth->userModel = 'Employee';
    $this->Auth->fields = array('username'=>'code','password'=>'password');
    $this->Auth->loginAction = array('controller'=>'employees','action'=>'login');
    $this->Auth->loginRedirect = array('controller'=>'pages','action'=>'home');
    $this->Auth->loginError = 'Invalid employee code or password, please try again';
    $this->Auth->logoutRedirect = array('controller'=>'employees','action'=>'login');
}
function beforeRender(){
    $this->set('Employee',$this->Auth->user());
}

EmployeeController 

function login(){
    $this->layout = 'login';
}
function logout(){
    $this->Redirect($this->Auth->logout());
}
function beforeFilter(){
    parent::beforeFilter();
    $this->Auth->allow('signup');
}
function beforeRender(){
    parent::beforeRender();
}

login.ctp 

<?php
echo $this->Form->create('Employee',array('/employees/login'));
echo $this->Form->input('code',array('label'=>'Employee code'));
echo $this->Form->input('password');
echo $this->Form->submit('Sign in',array('class'=>'b-button'));
echo $this->Form->end();
?>

问题是,当我点击登录按钮时,页面只是刷新。没有重定向,没有错误的消息,没有任何消息。

我在做什么有什么错误?

修改 

function login(){
    $this->layout = 'login';
    if($this->request->is('post')){
        if($this->Auth->login($this->request->data)){
            $this->Redirect('/pages/home');
        }else{
            $this->Session->setFlash('incorrect');
        }
    }
}
function logout(){
    $this->redirect($this->Auth->logout());
}

现在它允许登录,无论输入的员工代码或密码如何。事实上,即使登录字段为空,它也可以登录。

3 个答案:

答案 0 :(得分:1)

尝试以下方法:

echo $this->Form->create('Employee', array('controller' => 'employees', 'action' => 'login'));

还要检查EmployeesController.php的登录方法中的用户真实性

public function login()
{       
    if ($this->request->is('post'))
    {
        if ($this->Auth->login($this->request->data))
        {               
         /*... do what you want...*/
        }
        else
        {
          this->Session->setFlash('Your username or password was incorrect.');
        }
    }
}

答案 1 :(得分:0)

echo $this->Form->create('Employee',array('/employees/login'));

尝试:

echo $this->Form->create('Employee',array('action'=>'login'));

答案 2 :(得分:0)

我有类似的问题。最后这是解决方案。

a)在$ components中定义tablename和fileds。不要在过滤器之前使用

public $components = array('Session', 'Acl', 'Auth' => array('authenticate' => array('Form' => array('userModel' => 'Employee','fields' => array('username' => 'code'), 'password' => 'password'))), 'Cookie');

b)永远不要使用

$this->Auth->login($this->request->data)

这会为任何垃圾邮件创建会话。 而是使用

$this->Auth->login()

c)cakephp的散列方法也不是md5。您可能想删除该行。

相关问题
最新问题