CakePHP使用Auth Component同时登录用户名和电子邮件

时间:2013-01-18 04:18:58

标签: php cakephp authentication cakephp-1.3

我希望auth组件允许用户登录用户名或电子邮件。 在我的users表中,两个字段 - userName和userEmail都是唯一的。 在注册时,密码生成如下:

SHA1($ $用户名密码。);

问题是用户无法使用电子邮件登录。

App Controller 

 var $components = array('Auth');

 public function beforeFilter(){

if(isset($this->params['prefix']) && $this->params['prefix'] == 'webadmin') {

       $this->Auth->userModel = 'Admin';
      $this->Auth->logoutRedirect = $this->Auth->loginAction = array('prefix' => 'webadmin', 'controller' => 'login', 'action' => 'index');
        $this->Auth->loginError = 'Invalid Username/Password Combination!';
        $this->Auth->authError = 'Please login to proceed further!';
         $this->Auth->flashElement = "auth.front.message";
        $this->Auth->loginRedirect = array('prefix'=>'webadmin', 'controller'=>'dashboard', 'action'=>'index');
            }
          else{


         $this->layout="front";  

        //$this->Auth->autoRedirect = false;

        // $this->Auth->logoutRedirect = $this->Auth->loginAction = array('controller' => 'users', 'action' => 'login');
    //   $this->Auth->loginRedirect = array('controller'=>'blogs', 'action'=>'index');
         $this->Auth->fields = array(
            'username' => 'userName',
            'password' => 'password'
           );
          $this->Auth->userScope = array('User.status'=>1); 

         $this->Auth->loginError = "The username/email and password you entered doesn't match our records.";
         $this->Auth->authError = 'Please login to view this page!';
         $this->Auth->flashElement = "auth.front.message";
         $this->Auth->loginRedirect = array('controller'=>'profiles', 'action'=>'index');

    }

用户控制器:登录功能如下:

if(!empty($this->data))
{ 
   // Try to login with Email
    if (!empty($this->Auth->data)) {
    // save username entered in the login form
    $username = $this->Auth->data['User']['userName'];

    // find a user by e-mail
    $find_by_email = $this->User->find('first', array(
                    'conditions' => array('userEmail' => $this->Auth->data['User']['userName']),
                    'fields' => 'userName'));
        // found
        if (!empty($find_by_email))
        {

        $this->Auth->data['User']['userName'] = $find_by_email['User']['userName'];
        $this->data['User']['password']=$this->Auth->data['User']['password'];

          if (!$this->Auth->login($this->data)) {

            // login failed
            // bring back the username entered in the login form
            $this->Auth->data['User']['username'] = $username;
          } else {
          $this->Session->delete('Message.auth');
          // redirect
          if ($this->Auth->autoRedirect) {
          $this->redirect($this->Auth->redirect(), null, true);
          }
        }
       }
    }
}

Auth.php :(我在密码生成方式上做了一些更改,因为我正在使用cakephp会话自动登录SMF论坛。) 

    function login($data = null) {
 $data['User.password'] = sha1(strtolower($data['User.userName']) . $_POST['data']['User']['password']);


        $this->__setDefaults();
        $this->_loggedIn = false;

        if (empty($data)) {
            $data = $this->data;
        }

        if ($user = $this->identify($data)) {

            $this->Session->write($this->sessionKey, $user);
            $this->_loggedIn = true;
        }
        return $this->_loggedIn;
    }

我从this链接获得了帮助,但我没有在auth.php中的$ data ['User.userName']中获取用户名,我在这里收到电子邮件,因此密码出错并导致登录失败

请帮忙。

2 个答案:

答案 0 :(得分:1)

条件有误,应该是:

'conditions' => array('userEmail' => $this->Auth->data['User']['email']),

您正在检查用户名。

答案 1 :(得分:0)

我能让它发挥作用的唯一方法是修改蛋糕中的auth.php。

App Controller 我在过滤器之前将其添加到代码中:

 $this->Auth->fields = array(
        'username' => 'userName',
    'email'=>'userEmail',
        'password' => 'password'
     );

用户控制器我删除了所有额外的代码。

<强> Auth.php 我对识别功能进行了更改,以便按照我想要的方式加密密码后检查电子邮件。

function identify($user = null, $conditions = null) {
        if ($conditions === false) {
            $conditions = array();
        } elseif (is_array($conditions)) {
            $conditions = array_merge((array)$this->userScope, $conditions);
        } else {
            $conditions = $this->userScope;
        }
        $model =& $this->getModel();


        if (empty($user)) {
            $user = $this->user();
            if (empty($user)) {
                return null;
            }
        } elseif (is_object($user) && is_a($user, 'Model')) {
            if (!$user->exists()) {
                return null;
            }
            $user = $user->read();
            $user = $user[$model->alias];
        } elseif (is_array($user) && isset($user[$model->alias])) {
            $user = $user[$model->alias];
        }

        if (is_array($user) && (isset($user[$this->fields['username']]) || isset($user[$model->alias . '.' . $this->fields['username']]))) {
            if (isset($user[$this->fields['username']]) && !empty($user[$this->fields['username']])  && !empty($user[$this->fields['password']])) {
                if (trim($user[$this->fields['username']]) == '=' || trim($user[$this->fields['password']]) == '=') {
                    return false;
                }
                $find = array(
                    $model->alias.'.'.$this->fields['username'] => $user[$this->fields['username']],
                    $model->alias.'.'.$this->fields['password'] => $user[$this->fields['password']]
                );
            } elseif (isset($user[$model->alias . '.' . $this->fields['username']]) && !empty($user[$model->alias . '.' . $this->fields['username']])) {
                if (trim($user[$model->alias . '.' . $this->fields['username']]) == '=' || trim($user[$model->alias . '.' . $this->fields['password']]) == '=') {
                    return false;
                }

            // my code starts
            $user['User.userEmail']=$user['User.userName']; 
    //find username using email
        $find_by_email= $model->find('first', array(
                'fields' => array('User.userName','User.realpass'), 
                'conditions' => array($model->alias.'.'.$this->fields['email'] => $user[$model->alias . '.' . $this->fields['email']]),
                'recursive' => 0
            )); 



        if(!empty($find_by_email))
        {
        $uname=strtolower($find_by_email['User']['userName']);
        $pwd=$user[$model->alias . '.' . $this->fields['password']];
        }
        else
        {
        $uname=strtolower($user[$model->alias . '.' . $this->fields['username']]);
        $pwd=$user[$model->alias . '.' . $this->fields['password']];
        }
         $thepassword = sha1($uname.$pwd); // encrypt password


            // find user where username or email equals to the username passed  
                $find = array(
                    'OR' => array($model->alias.'.'.$this->fields['username'] => $user[$model->alias . '.' . $this->fields['username']], $model->alias.'.'.$this->fields['email'] => $user[$model->alias . '.' . $this->fields['username']]),
                    $model->alias.'.'.$this->fields['password'] => $thepassword
                );
            } else {
                return false;
            }


            $cond=array_merge($find, $conditions);

            $data = $model->find('first', array(
                'conditions' => $cond,
                'recursive' => 0
            ));

  // my code ends here

            if (empty($data) || empty($data[$model->alias])) {
                return null;
            }
        } elseif (!empty($user) && is_string($user)) {
            $data = $model->find('first', array(
                'conditions' => array_merge(array($model->escapeField() => $user), $conditions),
            ));
            if (empty($data) || empty($data[$model->alias])) {
                return null;
            }
        }

        if (!empty($data)) {
            if (!empty($data[$model->alias][$this->fields['password']])) {
                unset($data[$model->alias][$this->fields['password']]);
            }
            return $data[$model->alias];
        }
        return null;
    }

最后,我评论了密码加密代码以返回简单密码,以便我可以在上面的函数中加密我需要的wat。

function password($password) {
//return Security::hash($password, null, true);
 return $password;
}
相关问题
最新问题