如何在Cakephp 2.0 auth组件中测试用户是否处于活动状态?

ca1c2owp  于 2022-11-11  发布在  PHP
关注(0)|答案(2)|浏览(175)

我在使用新的Auth组件测试用户是否处于活动状态时遇到了麻烦。我有3种用户状态:0未激活(默认),1激活,2去激活。我尝试在登录函数中实现这个,这样我就可以返回他们是没有注册还是已经被禁止。

登录名

public function login() {
        if ($this->request->is('post')) {
            if($this->Auth->login()) {                   
                $results = $this->User->find('all', array(
                    'conditions' => array('User.email' => $this->Auth->user('email')),
                    'fields' => array('User.is_active')
                ));
                if ($results['User']['is_active'] == 0) {
                    // User has not confirmed account
                    $this->Session->setFlash('Your account has not been activated. Please check your email.');
                    $this->Auth->logout();
                    $this->redirect(array('action'=>'login'));
                }
               // not working atm
                else if ($results['User']['is_active'] == 2) {
                    // User has been deactivated
                    $this->Session->setFlash('Your account has been deactivated. Contact site admin if you believe this is in error.');
                    $this->Auth->logout();
                    $this->redirect(array('action'=>'login'));
                }
                else if ($results['User']['is_active'] == 1) {
                    // User is active
                      $this->redirect($this->Auth->redirect());
                    }
            } else {
                $this->Session->setFlash(__('Your email/password combination was incorrect'));
            }
        }
    }

不知道我哪里出错了。拥有管理员权限的用户和激活的用户仍然会收到未激活帐户错误。

更新

决定删除User.is_active字段并在角色中处理它。我在AppController中处理它,它现在几乎可以工作了。在isAuthorized函数中,如果用户被禁止或未激活,它现在会抛出错误,但我也需要它来注销他们。

public function isAuthorized($user) {
    // This isAuthorized determines what logged in users are able to see on ALL controllers. Use controller
    // by controller isAuthorized to limit what they can view on each one. Basically, you do not want to allow
    // actions on all controllers for users. Only admins can access every controller.
    if (isset($user['role']) && $user['role'] === 'admin') {
        return true; //Admin can access every action
    }
    elseif (isset($user['role']) && $user['role'] === 'unactivated') { // Account has not been activated
        $this->Session->setFlash("You haven't activated your account yet. Please check your email.");
        return false; 
    }
    elseif (isset($user['role']) && $user['role'] === 'banned') { // Your account has been banned
        $this->Session->setFlash("You're account has been banned. If you feel this was an error, please contact the site administrator.");
        return false;
    }
    return false; // The rest don't
}
cakephp

2条答案

按热度按时间
j8ag8udp

j8ag8udp1#

如果用户登录,可以使用$this->Auth->user()访问用户模型信息。因此,您应该能够执行以下操作:

if ($this->Auth->login()) {
    if ($this->Auth->user('is_active') == 0) {
        // User has not confirmed account
    } else if ($this->Auth->user('is_active') == 1) {
        // User is active

    // and so on

您可以在login()之后使用debug($this->Auth->user());来查看为什么用户一直显示为未激活。

赞(0)分享  回复(0)举报  2022-11-11
ojsjcaue

ojsjcaue2#

现在,在2021年,对于CakePHP 4.x,这是正确的方法:

if ( $result->isValid() ) {

   if ( $this->getRequest()->getAttribute('identity')->is_active ) {
      // The user is active and can log in
   } else {
      // The user is not active - reject the log in
   }
}
赞(0)分享  回复(0)举报  2022-11-11
我来回答

相关问题

    查看更多

    热门标签

    更多
    JavaquerypythonNode开发语言requestUtil数据库Table后端算法LoggerMessageElementParser

    最新问答

    更多
    • 蜀ICP备2022004421号-2 NULL123 https://www.null123.com © All rights reserved
    • 本站内容来源互联网,如果侵犯您的权益请联系我们删除, 联系方式:448109455@qq.com