CakePHP 3 下的摘要认证
Digest Authentification under CakePHP 3
我正在尝试使用 Cakephp 3.1 下的身份验证组件创建摘要式身份验证,但我遇到了问题。我正在使用下面的代码,在上一个弹出窗口中输入正确的用户名和密码后,我会立即弹出 HTTP-Authentication 弹出窗口。然后,如果我按取消,我会得到这个:Cake\Auth\BasicAuthenticate->unauthenticated。
有人可以告诉我我做错了什么吗?
AppController.php
$this->loadComponent('Auth', [
'authorize' => 'Controller',
'loginRedirect' => [
'controller' => 'Users',
'action' => 'index'
],
'authenticate' => [
'Digest' => [
'fields' => ['username' => 'username', 'password' => 'digest_hash'],
'userModel' => 'Users',
],
],
'loginAction' => [
'controller' => 'Users',
'action' => 'login',
],
'storage' => 'Memory',
'unauthorizedRedirect' => false
]);
UserTable.php
public function beforeSave(Event $event)
{
$entity = $event->data['entity'];
// Make a password for digest auth.
$entity->digest_hash = DigestAuthenticate::password(
$entity->username,
$entity->plain_password,
env('SCRIPT_NAME')
);
return true;
}
在客户端部分
public function digest(){
$http = new Client();
$response = $http->get('http://localhost/project/api/v1/users/view/22', [], [
'auth' => [
'type' => 'digest',
'username' => 'Digest',
'password' => 'my_password',
]
]);
当我检查 Debug-kit 环境时,我有这个:
PHP_AUTH_DIGEST username="Digest", realm="localhost", nonce="57ac3609a5b79", uri="/project/api/v1/users/view/22", response="af0e1fe455aa7f1475df715ef5231b56", opaque="421aa90e079fa326b6494f812ad13e79", qop=auth, nc=00000001, cnonce="0bb461453700ebc1"
这可能为时已晚,但对某些人仍然有帮助!
Well using $this->Auth->unauthorizedRedirect = false,. causes AuthComponent to throw a ForbiddenException
exception instead of redirecting to another page unless you submit valid username and password.
正确注册:
显然 register/add 用户的 digest 密码正确才能使 digest 身份验证成为可能很重要。
如documentation中所述,我们可以在UsersTable.php中添加以下代码来添加摘要哈希密码:
public function beforeSave(Event $event)
{
$entity = $event->data['entity'];
// Make a password for digest auth.
$entity->digest_hash = DigestAuthenticate::password(
$entity->username,
$entity->plain_password,
env('SERVER_NAME')
);
return true;
}
但是要注意上面提到的variable/term:
1. $entity->digest_hash (this should be equivalent to the field you have made to
save password, eg. password_hash)
2. $entity->username (this should be equivalent to the field you have made to
save username, eg. email)
3. $entity->plain_password (again this should be equivalent to the field you have made to
save password, eg. password_hash)
4. env('SERVER_NAME') (this is third parameter for making digest password,
"SERVER_NAME" is default value and we can left it this way.)
总而言之,如果我们有电子邮件(用于用户名)和 password_hash(用于密码),那么上面的函数将是:
public function beforeSave(Event $event)
{
$entity = $event->data['entity'];
// Make a password for digest auth.
$entity->password_hash= DigestAuthenticate::password(
$entity->email,
$entity->password_hash,
env('SERVER_NAME')
);
return true;
}
我之所以关注上面的事情,是因为它们有可能出错。
我正在尝试使用 Cakephp 3.1 下的身份验证组件创建摘要式身份验证,但我遇到了问题。我正在使用下面的代码,在上一个弹出窗口中输入正确的用户名和密码后,我会立即弹出 HTTP-Authentication 弹出窗口。然后,如果我按取消,我会得到这个:Cake\Auth\BasicAuthenticate->unauthenticated。
有人可以告诉我我做错了什么吗?
AppController.php
$this->loadComponent('Auth', [
'authorize' => 'Controller',
'loginRedirect' => [
'controller' => 'Users',
'action' => 'index'
],
'authenticate' => [
'Digest' => [
'fields' => ['username' => 'username', 'password' => 'digest_hash'],
'userModel' => 'Users',
],
],
'loginAction' => [
'controller' => 'Users',
'action' => 'login',
],
'storage' => 'Memory',
'unauthorizedRedirect' => false
]);
UserTable.php
public function beforeSave(Event $event)
{
$entity = $event->data['entity'];
// Make a password for digest auth.
$entity->digest_hash = DigestAuthenticate::password(
$entity->username,
$entity->plain_password,
env('SCRIPT_NAME')
);
return true;
}
在客户端部分
public function digest(){
$http = new Client();
$response = $http->get('http://localhost/project/api/v1/users/view/22', [], [
'auth' => [
'type' => 'digest',
'username' => 'Digest',
'password' => 'my_password',
]
]);
当我检查 Debug-kit 环境时,我有这个:
PHP_AUTH_DIGEST username="Digest", realm="localhost", nonce="57ac3609a5b79", uri="/project/api/v1/users/view/22", response="af0e1fe455aa7f1475df715ef5231b56", opaque="421aa90e079fa326b6494f812ad13e79", qop=auth, nc=00000001, cnonce="0bb461453700ebc1"
这可能为时已晚,但对某些人仍然有帮助!
Well using
$this->Auth->unauthorizedRedirect = false,. causes AuthComponent to throw a ForbiddenException exception instead of redirecting to another page unless you submit valid username and password.
正确注册:
显然 register/add 用户的 digest 密码正确才能使 digest 身份验证成为可能很重要。
如documentation中所述,我们可以在UsersTable.php中添加以下代码来添加摘要哈希密码:
public function beforeSave(Event $event)
{
$entity = $event->data['entity'];
// Make a password for digest auth.
$entity->digest_hash = DigestAuthenticate::password(
$entity->username,
$entity->plain_password,
env('SERVER_NAME')
);
return true;
}
但是要注意上面提到的variable/term:
1. $entity->digest_hash (this should be equivalent to the field you have made to
save password, eg. password_hash)
2. $entity->username (this should be equivalent to the field you have made to
save username, eg. email)
3. $entity->plain_password (again this should be equivalent to the field you have made to
save password, eg. password_hash)
4. env('SERVER_NAME') (this is third parameter for making digest password,
"SERVER_NAME" is default value and we can left it this way.)
总而言之,如果我们有电子邮件(用于用户名)和 password_hash(用于密码),那么上面的函数将是:
public function beforeSave(Event $event)
{
$entity = $event->data['entity'];
// Make a password for digest auth.
$entity->password_hash= DigestAuthenticate::password(
$entity->email,
$entity->password_hash,
env('SERVER_NAME')
);
return true;
}
我之所以关注上面的事情,是因为它们有可能出错。