我希望auth组件允许用户登录用户名或电子邮件。 在我的users表中,两个字段 - userName和userEmail都是唯一的。 在注册时,密码生成如下:
SHA1($ $用户名密码。);
问题是用户无法使用电子邮件登录。
App Controller
var $components = array('Auth');
public function beforeFilter(){
if(isset($this->params['prefix']) && $this->params['prefix'] == 'webadmin') {
$this->Auth->userModel = 'Admin';
$this->Auth->logoutRedirect = $this->Auth->loginAction = array('prefix' => 'webadmin', 'controller' => 'login', 'action' => 'index');
$this->Auth->loginError = 'Invalid Username/Password Combination!';
$this->Auth->authError = 'Please login to proceed further!';
$this->Auth->flashElement = "auth.front.message";
$this->Auth->loginRedirect = array('prefix'=>'webadmin', 'controller'=>'dashboard', 'action'=>'index');
}
else{
$this->layout="front";
//$this->Auth->autoRedirect = false;
// $this->Auth->logoutRedirect = $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
// $this->Auth->loginRedirect = array('controller'=>'blogs', 'action'=>'index');
$this->Auth->fields = array(
'username' => 'userName',
'password' => 'password'
);
$this->Auth->userScope = array('User.status'=>1);
$this->Auth->loginError = "The username/email and password you entered doesn't match our records.";
$this->Auth->authError = 'Please login to view this page!';
$this->Auth->flashElement = "auth.front.message";
$this->Auth->loginRedirect = array('controller'=>'profiles', 'action'=>'index');
}
用户控制器:登录功能如下:
if(!empty($this->data))
{
// Try to login with Email
if (!empty($this->Auth->data)) {
// save username entered in the login form
$username = $this->Auth->data['User']['userName'];
// find a user by e-mail
$find_by_email = $this->User->find('first', array(
'conditions' => array('userEmail' => $this->Auth->data['User']['userName']),
'fields' => 'userName'));
// found
if (!empty($find_by_email))
{
$this->Auth->data['User']['userName'] = $find_by_email['User']['userName'];
$this->data['User']['password']=$this->Auth->data['User']['password'];
if (!$this->Auth->login($this->data)) {
// login failed
// bring back the username entered in the login form
$this->Auth->data['User']['username'] = $username;
} else {
$this->Session->delete('Message.auth');
// redirect
if ($this->Auth->autoRedirect) {
$this->redirect($this->Auth->redirect(), null, true);
}
}
}
}
}
Auth.php :(我在密码生成方式上做了一些更改,因为我正在使用cakephp会话自动登录SMF论坛。)
function login($data = null) {
$data['User.password'] = sha1(strtolower($data['User.userName']) . $_POST['data']['User']['password']);
$this->__setDefaults();
$this->_loggedIn = false;
if (empty($data)) {
$data = $this->data;
}
if ($user = $this->identify($data)) {
$this->Session->write($this->sessionKey, $user);
$this->_loggedIn = true;
}
return $this->_loggedIn;
}
我从this链接获得了帮助,但我没有在auth.php中的$ data ['User.userName']中获取用户名,我在这里收到电子邮件,因此密码出错并导致登录失败
请帮忙。
答案 0 :(得分:1)
条件有误,应该是:
'conditions' => array('userEmail' => $this->Auth->data['User']['email']),
您正在检查用户名。
答案 1 :(得分:0)
我能让它发挥作用的唯一方法是修改蛋糕中的auth.php。
App Controller 我在过滤器之前将其添加到代码中:
$this->Auth->fields = array(
'username' => 'userName',
'email'=>'userEmail',
'password' => 'password'
);
用户控制器我删除了所有额外的代码。
<强> Auth.php 强> 我对识别功能进行了更改,以便按照我想要的方式加密密码后检查电子邮件。
function identify($user = null, $conditions = null) {
if ($conditions === false) {
$conditions = array();
} elseif (is_array($conditions)) {
$conditions = array_merge((array)$this->userScope, $conditions);
} else {
$conditions = $this->userScope;
}
$model =& $this->getModel();
if (empty($user)) {
$user = $this->user();
if (empty($user)) {
return null;
}
} elseif (is_object($user) && is_a($user, 'Model')) {
if (!$user->exists()) {
return null;
}
$user = $user->read();
$user = $user[$model->alias];
} elseif (is_array($user) && isset($user[$model->alias])) {
$user = $user[$model->alias];
}
if (is_array($user) && (isset($user[$this->fields['username']]) || isset($user[$model->alias . '.' . $this->fields['username']]))) {
if (isset($user[$this->fields['username']]) && !empty($user[$this->fields['username']]) && !empty($user[$this->fields['password']])) {
if (trim($user[$this->fields['username']]) == '=' || trim($user[$this->fields['password']]) == '=') {
return false;
}
$find = array(
$model->alias.'.'.$this->fields['username'] => $user[$this->fields['username']],
$model->alias.'.'.$this->fields['password'] => $user[$this->fields['password']]
);
} elseif (isset($user[$model->alias . '.' . $this->fields['username']]) && !empty($user[$model->alias . '.' . $this->fields['username']])) {
if (trim($user[$model->alias . '.' . $this->fields['username']]) == '=' || trim($user[$model->alias . '.' . $this->fields['password']]) == '=') {
return false;
}
// my code starts
$user['User.userEmail']=$user['User.userName'];
//find username using email
$find_by_email= $model->find('first', array(
'fields' => array('User.userName','User.realpass'),
'conditions' => array($model->alias.'.'.$this->fields['email'] => $user[$model->alias . '.' . $this->fields['email']]),
'recursive' => 0
));
if(!empty($find_by_email))
{
$uname=strtolower($find_by_email['User']['userName']);
$pwd=$user[$model->alias . '.' . $this->fields['password']];
}
else
{
$uname=strtolower($user[$model->alias . '.' . $this->fields['username']]);
$pwd=$user[$model->alias . '.' . $this->fields['password']];
}
$thepassword = sha1($uname.$pwd); // encrypt password
// find user where username or email equals to the username passed
$find = array(
'OR' => array($model->alias.'.'.$this->fields['username'] => $user[$model->alias . '.' . $this->fields['username']], $model->alias.'.'.$this->fields['email'] => $user[$model->alias . '.' . $this->fields['username']]),
$model->alias.'.'.$this->fields['password'] => $thepassword
);
} else {
return false;
}
$cond=array_merge($find, $conditions);
$data = $model->find('first', array(
'conditions' => $cond,
'recursive' => 0
));
// my code ends here
if (empty($data) || empty($data[$model->alias])) {
return null;
}
} elseif (!empty($user) && is_string($user)) {
$data = $model->find('first', array(
'conditions' => array_merge(array($model->escapeField() => $user), $conditions),
));
if (empty($data) || empty($data[$model->alias])) {
return null;
}
}
if (!empty($data)) {
if (!empty($data[$model->alias][$this->fields['password']])) {
unset($data[$model->alias][$this->fields['password']]);
}
return $data[$model->alias];
}
return null;
}
最后,我评论了密码加密代码以返回简单密码,以便我可以在上面的函数中加密我需要的wat。
function password($password) {
//return Security::hash($password, null, true);
return $password;
}