CakePHP: «Запомнить меня» с Auth

Я успешно использую Auth, но, к сожалению, похоже, что он работает только с сессией. Я хочу, чтобы при установленном флажке «Запомнить меня» использовался cookie и пользователь оставался в системе в течение 2 недель. Я не нашёл ничего об этом в официальной книге, а в Google нашлось лишь несколько не очень хороших записей в блогах. Есть ли способ реализовать это, не переписывая ядро?

В вашем пользовательском контроллере:

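/**
 * Opens the login and registration actions to anonymous visitors, then runs
 * the parent controller's filter.
 */
public function beforeFilter()
{
    $this->Auth->allow(array('login', 'register'));
    parent::beforeFilter();
}

/**
 * Handles the login form and, when the "remember me" box is ticked, issues a
 * two-week cookie holding the username and the hashed password.
 *
 * NOTE(review): the hashed password stored in the cookie is a
 * password-equivalent, long-lived credential. It stays valid until the user
 * changes the password and cannot be revoked per device. A random,
 * single-purpose token stored (hashed) on the server and rotated on use is the
 * safer design; it needs a schema change that this page does not show.
 */
public function login()
{
    if ($this->request->is('post')) {
        if ($this->Auth->login()) {
            // The checkbox key may be missing from the POST body, so test for
            // it before comparing instead of indexing blindly.
            $remember = isset($this->request->data['User']['remember_me'])
                && $this->request->data['User']['remember_me'] == 1;

            if ($remember) {
                // Store only the two fields that are read back later, not the
                // whole submitted form (which may carry unrelated fields).
                // presumably Auth->password() yields the same hash that is
                // stored in the users table - verify against the configured
                // password hasher.
                $remembered = array(
                    'username' => $this->request->data['User']['username'],
                    'password' => $this->Auth->password($this->request->data['User']['password']),
                );

                // Third argument true = encrypted cookie; lifetime two weeks.
                $this->Cookie->write('remember_me_cookie', $remembered, true, '2 weeks');
            }

            return $this->redirect($this->Auth->redirect());
        } else {
            $this->Session->setFlash(__('Username or password is incorrect.'));
        }
    }

    $this->set(array(
        'title_for_layout' => 'Login'
    ));
}

/**
 * Logs the user out and removes the "remember me" cookie so that the browser
 * is not silently logged back in on the next request.
 */
public function logout()
{
    // clear the cookie (if it exists) when logging out
    $this->Cookie->delete('remember_me_cookie');

    return $this->redirect($this->Auth->logout());
}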

В представлении (view) страницы входа:

 <?php
 // Login view: username, password and the "remember me" checkbox whose
 // value the controller's login action inspects after authentication.
 ?>
 <h1>Login</h1>
 <?php echo $this->Form->create('User'); ?>
 <?php echo $this->Form->input('username'); ?>
 <?php echo $this->Form->input('password'); ?>
 <?php echo $this->Form->checkbox('remember_me'); ?> Remember Me
 <?php echo $this->Form->end('Login'); ?>

В вашем AppController:

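 public $components = array(
     'Session',
     'Auth',
     'Cookie'
 );

 public $uses = array('User');

 /**
  * Configures the Cookie component and, for visitors without a session,
  * tries to log them in from the "remember me" cookie.
  *
  * NOTE(review): the cookie carries the username and the stored password
  * hash, so anyone who obtains the cookie (or this key) holds a long-lived
  * credential. A random server-side token that is rotated on use would limit
  * that exposure; it is not implemented here.
  */
 public function beforeFilter()
 {
     // set cookie options
     // NOTE(review): this is the sample key published with the answer and is
     // therefore public. Generate your own random key and load it from
     // configuration that is kept out of version control.
     $this->Cookie->key = 'qSI232qs*&sXOw!adre@34SAv!@*(XSL#$%)asGb$@11~_+!@#HKis~#^';
     $this->Cookie->httpOnly = true;
     // On HTTPS-only sites also consider the component's `secure` option so
     // the cookie is never sent over plain HTTP.

     if ($this->Auth->loggedIn()) {
         return;
     }

     // Read once; the value is reused for validation and for the lookup.
     $cookie = $this->Cookie->read('remember_me_cookie');
     if (!$cookie) {
         return;
     }

     // Require both fields as non-empty strings. A missing or null field
     // would otherwise reach the query as a NULL condition, and an array
     // value would change the shape of the condition.
     $wellFormed = is_array($cookie)
         && isset($cookie['username'], $cookie['password'])
         && is_string($cookie['username']) && $cookie['username'] !== ''
         && is_string($cookie['password']) && $cookie['password'] !== '';

     if (!$wellFormed) {
         $this->Cookie->delete('remember_me_cookie');
         return;
     }

     $user = $this->User->find('first', array(
         'conditions' => array(
             'User.username' => $cookie['username'],
             'User.password' => $cookie['password']
         )
     ));

     if (!$user) {
         // Stale cookie (e.g. the password has changed): drop it so it is
         // not replayed against the database on every request.
         $this->Cookie->delete('remember_me_cookie');
         return;
     }

     // Keep the password hash out of the session data handed to Auth.
     unset($user['User']['password']);

     if (!$this->Auth->login($user['User'])) {
         $this->redirect('/users/logout'); // destroy session & cookie
     }
 }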

Посмотрите эту ссылку — думаю, она вам очень поможет.

http://lecterror.com/articles/view/cakephp-and-the-infamous-remember-me-cookie

Или попробуйте это

 /**
  * Login action for the older `$this->data` controller API.
  *
  * Two paths:
  *  - the user is already authenticated: optionally write the "remember me"
  *    cookie, log the event and redirect;
  *  - no form data was posted: try to authenticate from the cookie, and
  *    discard the cookie when that fails.
  *
  * NOTE(review): the cookie stores the username together with whatever is in
  * $this->data['User']['password'] at this point. Whether that is the hashed
  * or the plain-text password depends on the framework version and Auth
  * configuration - verify. Either way it is a reusable credential kept in the
  * browser for COOKIE_EXPIRE; a random server-side token is the safer design.
  */
 function login() {
     if ($this->Auth->user()) {
         $wantsCookie = !empty($this->data) && $this->data['User']['remember_me'];
         if ($wantsCookie) {
             $cookie = array(
                 'username' => $this->data['User']['username'],
                 'password' => $this->data['User']['password'],
             );
             // third argument true = encrypted cookie
             $this->Cookie->write('Auth.User', $cookie, true, COOKIE_EXPIRE);
             unset($this->data['User']['remember_me']);
         }

         $this->LogDetail->Write('activity','has logged IN');
         $this->redirect($this->Auth->redirect());
     }

     if (empty($this->data)) {
         $cookie = $this->Cookie->read('Auth.User');
         if ($cookie !== null) {
             if ($this->Auth->login($cookie)) {
                 // clear auth message, just in case we use it.
                 // NOTE(review): the stated intent is to clear one message
                 // key; confirm that destroy() with a key argument does that
                 // and does not tear down the whole session in your version.
                 $this->Session->destroy('Message.Auth');
                 $this->LogDetail->Write('activity','has been authenticated via cookie and is now logged IN');
                 $this->redirect($this->Auth->redirect());
             } else {
                 $this->LogDetail->Write('activity','attempted to gain access with an invalid cookie');
                 // delete invalid cookie
                 // NOTE(review): confirm destroy() removes only this cookie.
                 $this->Cookie->destroy('Auth.User');
                 $this->Session->setFlash('Invalid cookie');
                 $this->redirect('login');
             }
         }
     }
 }

«Запомнить меня» — это не что иное, как сеанс, идентифицируемый файлом cookie, только время жизни cookie установлено в бесконечность. Посмотрите в Config/core.php настройку времени жизни сеансового cookie.

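Думаю, вам стоит разобраться с уровнями безопасности CakePHP. Попробуйте понизить уровень безопасности вашего приложения CakePHP — см. документацию по конфигурационным переменным CakePHP. Учтите, что эта настройка действует на все сеансы приложения, а не только на «запомнить меня». Когда-то давно я написал об этом запись в блоге.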

вы можете попробовать это

 // Fragment (cut off in the original answer): after a successful login, store
 // the submitted login, password and language in an encrypted cookie.
 // NOTE(review): the password value is copied from the submitted form data
 // into a cookie that lives for a year. Whether it is hashed at this point
 // depends on the framework version - verify. A random server-side token
 // avoids keeping any password-derived value in the browser.
 if ($this->Auth->login()) {
     if (!empty($this->data['User']['remember'])) {
         $cookie = array();
         $cookie['login'] = $this->data['User']['login'];
         $cookie['password'] = $this->data['User']['password'];
         $cookie['language'] =$this->data['User']['language'];
         // third argument true = encrypted cookie; expires in one year
         $this->Cookie->write('Auth.projectname', $cookie, true, '+1 years');
         unset($this->data['User']['remember']);
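  /**
   * Admin login action: accepts a username or an e-mail address, checks that
   * the account is active, authenticates through Auth and redirects
   * privileged roles to the dashboard.
   *
   * Changes from the original answer:
   *  - the submitted password is no longer written to a cookie. It was the
   *    plain form value, kept for a year and written even when the login
   *    failed;
   *  - the username cookie is written only after a successful login;
   *  - an unknown account gets the same message as a wrong password, so the
   *    form does not reveal which usernames exist;
   *  - the session check no longer calls count() on a possibly-null value.
   *
   * NOTE(review): with the password cookie gone, "remember me" only remembers
   * the username. Persistent login needs a random token stored server-side,
   * which this page does not show.
   */
  public function admin_login()
  {
      $this->layout = 'admin_login';

      // Roles that are sent to the dashboard after login.
      $dashboardRoles = array('A', 'RA', 'MAfA', 'Af', 'FAA');

      // Already logged in with a dashboard role: skip the form.
      $usr = $this->Session->read("Auth.User");
      if (!empty($usr) && isset($usr['role']) && in_array($usr['role'], $dashboardRoles, true)) {
          return $this->redirect(array('controller' => 'dashboard', 'action' => 'view'));
      }

      if (!$this->request->is('post')) {
          return;
      }

      $remember = isset($this->request->data['User']['remember_me'])
          && $this->request->data['User']['remember_me'] == "1";
      if (!$remember) {
          // Box not ticked: remove any previously stored cookies.
          $this->Cookie->destroy();
      }

      /*
       * Check if email or username is passed in form
       */
      $uname = $this->request->data['User']['username'];
      if (filter_var($uname, FILTER_VALIDATE_EMAIL)) {
          // login via email
          $u = $this->User->findByemail($uname);
      } else {
          // login via username
          $u = $this->User->findByusername($uname);
      }

      if (!$u) {
          // Same wording as a failed password check, to avoid confirming
          // whether the account exists.
          $this->Session->setFlash(__('Invalid username or password.'), 'default', array('class' => 'alert alert-danger'));
          return;
      }

      // Auth authenticates against the username field, so map an e-mail
      // login onto the account's username.
      $this->request->data['User']['username'] = $u['User']['username'];

      /*
       * Error if user is not active
       * NOTE(review): this message is shown before the password is checked,
       * so it still confirms that an inactive account exists. Consider
       * checking the status only after authentication succeeds.
       */
      if ($u['User']['user_status'] != 'active') {
          $this->Session->setFlash(__('Sorry! Your account is not active.'), 'default', array('class' => 'alert alert-danger'));
          return;
      }

      if (!$this->Auth->login()) {
          // if invalid
          $this->Session->setFlash(__('Invalid username or password.'), 'default', array('class' => 'alert alert-danger'));
          return;
      }

      // if logged in
      if ($remember) {
          // Only the identifier the user typed is remembered; never the password.
          $this->Cookie->write('username', $uname, true, '1 year');
      }

      $user_caps = $this->fetchCapabilitiesByRole($u['User']['role']);
      $this->Session->write("Auth.User.privileges", array('capabilities' => $user_caps['capabilities'], 'geo_areas' => array()));

      if (in_array($u['User']['role'], $dashboardRoles, true)) {
          return $this->redirect(array('controller' => 'dashboard', 'action' => 'view'));
      }

      return $this->redirect($this->Auth->redirect());
  }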

С тех пор как на вопрос ответили, прошло некоторое время, но, надеюсь, это поможет тем, кто придёт сюда после меня.

Я написал краткое пошаговое руководство о том, как настроить функцию «запомнить меня», используя плагин Authenticate от Ceeram.

Подробнее здесь: http://mirkoborivojevic.com/posts/2013/08/10/setup-remember-me-functionality-in-cakephp/