发表新帖
发表新帖

CakePHP 2.x Auth with Two Separate Logins

前端 未结
关注
2 775
予麋鹿
予麋鹿 2020-12-13 07:34

Back in May, I posted this question. I\'m trying to do the same thing again on a different app, but I haven\'t found a solution to this problem. I do have more information a

相关标签:
2条回答
  • 庸人自扰
    2020-12-13 08:09

    Instead of

    $this->Session->write('Auth.redirect','/physicians/index');

    you should use

    setcookie("keys", value);
    0 讨论(0)
  • 抹茶落季
    2020-12-13 08:26

    OK I've got a way to do it. You know about prefix routing? If not, read my answer here: CakePHP/MVC Admin functions placement That answer describes how to set up a single routing prefix ('admin'). But you can have any number - just like this:

    Configure::write('Routing.prefixes', array('admin','phys','member','user'));
// now we have admin, phys, member and user prefix routing enabled.

    What you can do is have all the doctor's methods use 'admin' prefix routing, and all the physicians methods use 'phys' prefix routing.

    So the below is code I've hacked together pretty quickly, so it might not be perfect but it should show the concept. Here it is in pseudo code for the before filter method of your app controller:

    if (USER IS TRYING TO ACCESS AN ADMIN PREFIXED METHOD) {
    Then use the users table for auth stuff
} else if (USER IS TRYING TO ACCESS A PHYS PREFIXED METHOD) {
    Then use the physicians table for auth stuff
} else {
    It's neither an admin method, not a physicians method. So just always allow access. Or always deny access - depending on your site
}

    Here's my app controller code:

    App::uses('Controller', 'Controller');

class AppController extends Controller {

    public $components = array('Security','Cookie','Session','Auth','RequestHandler');
    public $helpers = array('Cache','Html','Session','Form');

    function beforeFilter() {

        if ($this->request->prefix == 'admin') {
            $this->layout = 'admin';
            // Specify which controller/action handles logging in:
            AuthComponent::$sessionKey = 'Auth.Admin'; // solution from https://stackoverflow.com/questions/10538159/cakephp-auth-component-with-two-models-session
            $this->Auth->loginAction = array('controller'=>'administrators','action'=>'login');
            $this->Auth->loginRedirect = array('controller'=>'some_other_controller','action'=>'index');
            $this->Auth->logoutRedirect = array('controller'=>'administrators','action'=>'login');
            $this->Auth->authenticate = array(
                'Form' => array(
                    'userModel' => 'User',
                )
            );
            $this->Auth->allow('login');

        } else if ($this->request->prefix == 'phys') {
            // Specify which controller/action handles logging in:
            AuthComponent::$sessionKey = 'Auth.Phys'; // solution from https://stackoverflow.com/questions/10538159/cakephp-auth-component-with-two-models-session
            $this->Auth->loginAction = array('controller'=>'users','action'=>'login');
            $this->Auth->logoutRedirect = '/';

            $this->Auth->authenticate = array(
                'Form' => array(
                    'userModel' => 'Physician',
                )
            );
        } else {
            // If we get here, it is neither a 'phys' prefixed method, not an 'admin' prefixed method.
            // So, just allow access to everyone - or, alternatively, you could deny access - $this->Auth->deny();
            $this->Auth->allow();           
        }
    }

    public function isAuthorized($user){
        // You can have various extra checks in here, if needed.
        // We'll just return true though. I'm pretty certain this method has to exist, even if it just returns true.
        return true;
    }

}

    Note the lines:

    AuthComponent::$sessionKey = 'Auth.Admin'; // solution from https://stackoverflow.com/questions/10538159/cakephp-auth-component-with-two-models-session

    and

    AuthComponent::$sessionKey = 'Auth.Phys'; // solution from https://stackoverflow.com/questions/10538159/cakephp-auth-component-with-two-models-session

    What that does is allows a person to be logged in as both a physician, and an admin, in the one browser, without interfering with each other's session. You may not need it in the live site, but it's certainly handy while testing.

    Now, in you're respective controllers, you'll need straight-forward login/logout methods, with the appropriate prefix.

    So, for admin prefixing, in your users controller:

    public function admin_login() {
    if ($this->request->is('post')) {
        if ($this->Auth->login()) {
            return $this->redirect($this->Auth->redirect());
        } else {
            $this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
        }
    }
}

public function admin_logout() {
    $this->Session->setFlash('Successfully Logged Out');
    $this->redirect($this->Auth->logout());
}

    And in your physicians controller:

    public function phys_login() {
    if ($this->request->is('post')) {
        if ($this->Auth->login()) {
            return $this->redirect($this->Auth->redirect());
        } else {
            $this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
        }
    }
}

public function phys_logout() {
    $this->Session->setFlash('Successfully Logged Out');
    $this->redirect($this->Auth->logout());
}

    Like I said, that all code I hacked together pretty quickly, so it might not work verbatim, but it should show the concept. Let me know if you have any questions.

    0 讨论(0)
 看不清?
提交回复
热议问题