Session 在cakePhp 2.4中重定向post登录后会话丢失
我目前正在使用cakePHP 2.4.5,并尝试实现授权。我的AppController.php是:Session 在cakePhp 2.4中重定向post登录后会话丢失,session,cakephp,authentication,redirect,Session,Cakephp,Authentication,Redirect,我目前正在使用cakePHP 2.4.5,并尝试实现授权。我的AppController.php是: class AppController extends Controller { public $helpers = array('Html', 'Form', 'Session'); public $components = array( 'Session', 'RequestHandler', 'Auth' => arr
class AppController extends Controller {
public $helpers = array('Html', 'Form', 'Session');
public $components = array(
'Session',
'RequestHandler',
'Auth' => array(
'loginRedirect' => array(
'controller' => 'themeroles',
'action' => 'add'
),
'logoutRedirect' => array(
'controller' => 'pages',
'action' => 'display',
'home'
)
)
);
public function isAuthorized($user) {
$auth = CakeSession::read('Auth');
if (isset($auth['User'])){
$loggedInUser = $auth['User']['username'];
$loggedInRole = $auth['User']['role'];
// Admin can access every action
if (isset($loggedInRole) && $loggedInRole === 'admin') {
return true;
}
if (isset($loggedInUser) &&!empty($user) && $loggedInUser === $user) {
return true;
}
}
CakeSession::write('redirectURL', Router::reverse($this->request, true));
// Default deny
return false;
}
public function beforeFilter() {
$this->Auth->allow('index', 'view');
}
}
我的UsersController具有:
public function beforeFilter() {
parent::beforeFilter();
$this->Auth->allow('add', 'logout');
}
public function login() {
if ($this->request->is('post')) {
if ($this->Auth->login()) {
return $this->redirect($this->Auth->redirect());
}
$this->Session->setFlash(__('Invalid username or password, try again'));
}
}
但是在重定向之后,会话似乎被终止了。我会自动重定向到登录页面
我在core.php中找到了一个可能的解决方案:
Configure::write('Security.level', 'low');
Configure::write('Security.cookie', 'cakephpfdebackend');
Configure::write('Session.cookieTimeout', 0);
Configure::write('Session.checkAgent', false);
Configure::write('Session.cookie_secure',false);
Configure::write('Session.referer_check' ,false);
Configure::write('Session.defaults', 'php');
但这没有帮助。我缺少什么?我认为问题出在您的
isAuthorized()
函数上。在每次尝试登录时编写新会话之前,它会发现isset($auth['User'])
已设置但为空。因此,如果
根本不运行。结果它返回false
因此,请尝试:
if (!empty($auth['User'])){