Yii2 使用我的用户名和密码,但使用其他帐户登录
我是yii2框架的初学者。我有一个奇怪的问题 有时在我的网站中使用我的用户名和密码登录后,它会显示另一个帐户和个人资料,就像我使用另一个用户名登录一样 正如我所说,这种情况有时发生,但并不总是发生 这个问题与什么有关?(控制器、会话、cookie或…) 这是实现IdentityInterface的类Yii2 使用我的用户名和密码,但使用其他帐户登录,yii2,yii2-advanced-app,Yii2,Yii2 Advanced App,我是yii2框架的初学者。我有一个奇怪的问题 有时在我的网站中使用我的用户名和密码登录后,它会显示另一个帐户和个人资料,就像我使用另一个用户名登录一样 正如我所说,这种情况有时发生,但并不总是发生 这个问题与什么有关?(控制器、会话、cookie或…) 这是实现IdentityInterface的类 class User extends ActiveRecord implements IdentityInterface { const STATUS_DELETED = 0; c
class User extends ActiveRecord implements IdentityInterface {
const STATUS_DELETED = 0;
const STATUS_ACTIVE = 10;
/**
* @inheritdoc
*/
public static function tableName() {
return '{{%user}}';
}
/**
* @inheritdoc
*/
public function behaviors() {
return [
TimestampBehavior::className(),
];
}
/**
* @inheritdoc
*/
public function rules() {
return [
['status', 'default', 'value' => self::STATUS_ACTIVE],
['status', 'in', 'range' => [self::STATUS_ACTIVE, self::STATUS_DELETED]],
];
}
/**
* @inheritdoc
*/
public static function findIdentity($id) {
return static::findOne(['id' => $id, 'status' => self::STATUS_ACTIVE]);
}
/**
* @inheritdoc
*/
public static function findIdentityByAccessToken($token, $type = null) {
throw new NotSupportedException('"findIdentityByAccessToken" is not implemented.');
}
/**
* Finds user by username
*
* @param string $username
* @return static|null
*/
public static function findByUsername($username) {
return static::findOne(['username' => $username, 'status' => self::STATUS_ACTIVE]);
}
/**
* Finds user by password reset token
*
* @param string $token password reset token
* @return static|null
*/
public static function findByPasswordResetToken($token) {
if (!static::isPasswordResetTokenValid($token)) {
return null;
}
return static::findOne([
'password_reset_token' => $token,
'status' => self::STATUS_ACTIVE,
]);
}
public static function findByType($username) {
return static::findOne(['username' => $username, 'status' => self::STATUS_ACTIVE, 'type' => 'backend']);
}
/**
* Finds out if password reset token is valid
*
* @param string $token password reset token
* @return bool
*/
public static function isPasswordResetTokenValid($token) {
if (empty($token)) {
return false;
}
$timestamp = (int) substr($token, strrpos($token, '_') + 1);
$expire = Yii::$app->params['user.passwordResetTokenExpire'];
return $timestamp + $expire >= time();
}
/**
* @inheritdoc
*/
public function getId() {
return $this->getPrimaryKey();
}
/**
* @inheritdoc
*/
public function getAuthKey() {
return $this->auth_key;
}
/**
* @inheritdoc
*/
public function validateAuthKey($authKey) {
return $this->getAuthKey() === $authKey;
}
/**
* Validates password
*
* @param string $password password to validate
* @return bool if password provided is valid for current user
*/
public function validatePassword($password) {
return Yii::$app->security->validatePassword($password, $this->password_hash);
}
/**
* Generates password hash from password and sets it to the model
*
* @param string $password
*/
public function setPassword($password) {
$this->password_hash = Yii::$app->security->generatePasswordHash($password);
}
/**
* Generates "remember me" authentication key
*/
public function generateAuthKey() {
$this->auth_key = Yii::$app->security->generateRandomString();
}
/**
* Generates new password reset token
*/
public function generatePasswordResetToken() {
$this->password_reset_token = Yii::$app->security->generateRandomString() . '_' . time();
}
/**
* Removes password reset token
*/
public function removePasswordResetToken() {
$this->password_reset_token = null;
}
}
这是frontend/config/main.php:
use \yii\web\Request;
$baseUrl = str_replace('/frontend/web', '', (new Request)->getBaseUrl());
$params = array_merge(
require(__DIR__ . '/../../common/config/params.php'), require(__DIR__ . '/../../common/config/params-local.php'), require(__DIR__ . '/params.php'), require(__DIR__ . '/params-local.php')
);
return [
'id' => 'app-frontend',
'basePath' => dirname(__DIR__),
'bootstrap' => ['log'],
'controllerNamespace' => 'frontend\controllers',
'modules' => [
'message' => [
'class' => 'frontend\modules\message\message',
],
'gii' => [
'class' => 'yii\gii\Module',
'allowedIPs' => ['127.0.0.1', '::1', '192.168.1.*', 'XXX.XXX.XXX.XXX'] // adjust this to your needs
],
],
'components' => [
'user' => [
'identityClass' => 'common\models\User',
'enableAutoLogin' => true,
'enableSession' => true,
'identityCookie' => [
'name' => 'frontEndIdentityUser',
'path' => '/'
]
],
'session' => [
'name' => 'frontEndIdentity',
'savePath' => __DIR__ . '/../runtime/sessions',
],
'log' => [
'traceLevel' => YII_DEBUG ? 3 : 0,
'targets' => [
[
'class' => 'yii\log\FileTarget',
'levels' => ['error', 'warning'],
],
],
],
'errorHandler' => [
'errorAction' => 'site/error',
],
],
'params' => $params,
];
如果奇怪的用户名是后端应用程序中当前登录的用户名,则可以来自与前端应用程序同名的后端应用程序的会话名称
'components' => [
...
'session' => [
...
// name should be different than any other
// application on the same site
'name' => 'frontEndIdentity',
...
],
...
]
可能是您有多个具有相同ID的用户发生冲突。是否可以发送实现
IdentityInterface
的类的代码以进行检查?@mmonem我添加了该类冲突是否来自后端用户。我的意思是,当您登录时,您看到另一个登录用户名,是不是奇怪的用户名就是后端应用程序中当前登录的用户名?可能是,但我认为它是独立的前端和后端会话。@mmonem可能是,但是我认为它是独立的前端和后端会话。您可以检查frontEndIdentity
是否未设置为后端配置的会话组件中的名称app@mmonem我认为当enableAutoLogin
为真时会发生这种情况