授权 public URL 不断重定向以进行身份验证并失败
Authorized public URL keeps redirecting for authentication and failing
在这种情况下,OurCustomAuth 当前返回预期值 false,正在到达适当的 else,但 users/error 路径甚至不断重定向虽然它已经制作 public 并且不需要任何身份验证。
我已经设置了新操作:
C:\wamp\myapp\app>Console\cake AclExtras.AclExtras aco_update
Welcome to CakePHP v2.4.9 Console
---------------------------------------------------------------
App : app
Path: C:\wamp\myapp\app\
---------------------------------------------------------------
Created Aco node: controllers/Users/error
Aco Update Complete
在 UsersController 中,我添加了要执行的操作 public:
public function beforeFilter() {
parent::beforeFilter ();
$this->Auth->allow ('logout', 'error');
}
在 AppController 中,Auth 配置:
public $components = array(
'Acl',
'Cookie',
'DebugKit.Toolbar', 'Session',
'Auth' => array(
'authenticate' => array('OurCustomAuth'),
'loginAction' => array('controller' => 'users', 'action' => 'view'),
'authError' => 'Did you really think you are allowed to see that?',
'authorize' => array('Actions' => array('actionPath' => 'controllers'))
)
);
...
public function beforeFilter() {
...
//Auto logging users in if they are not logged in
if (!AuthComponent::user('id')) {
if ($this->Auth->login()) {
//stuff here
} else {
$this->Session->setFlash(__('We could not authenticate you ...'));
return $this->redirect(array('controller' => 'Users', 'action' => 'error'));
}
}
...
}
我在 Firefox 中遇到的错误:
The page isn’t redirecting properly
Firefox has detected that the server is redirecting the request for
this address in a way that will never complete.
更新 #1
$this->Auth->login() 本质上是抓取请求 headers,在这种情况下是故意错误的,这似乎重定向到适当的 link。但是,/users/error 不应导致重定向,因为它已被排除在身份验证之外。
问题是您在每次请求时 运行 您的登录代码,即在应用程序控制器 beforeFilter() 方法中。因此,当该代码将您重定向到 /users/error 因为您未登录时,该代码将再次为该 controller/action 运行,并一次又一次地重定向您......
如果您需要为每个请求 运行 此代码,则您必须手动检查允许的操作,即通过 $this->Auth->allow() 和 运行 您的允许的操作仅在不允许当前操作的情况下编写代码。检查 AuthComponent::_isAllowed() 的代码,您可以轻松使用它,只需进行少量修改:
$action = strtolower($this->request->params['action']);
if (!in_array($action, array_map('strtolower', $this->Auth->allowedActions))) {
//Auto logging users in if they are not logged in
if (!AuthComponent::user('id')) {
// ...
}
}
在这种情况下,OurCustomAuth 当前返回预期值 false,正在到达适当的 else,但 users/error 路径甚至不断重定向虽然它已经制作 public 并且不需要任何身份验证。
我已经设置了新操作:
C:\wamp\myapp\app>Console\cake AclExtras.AclExtras aco_update
Welcome to CakePHP v2.4.9 Console
---------------------------------------------------------------
App : app
Path: C:\wamp\myapp\app\
---------------------------------------------------------------
Created Aco node: controllers/Users/error
Aco Update Complete
在 UsersController 中,我添加了要执行的操作 public:
public function beforeFilter() {
parent::beforeFilter ();
$this->Auth->allow ('logout', 'error');
}
在 AppController 中,Auth 配置:
public $components = array(
'Acl',
'Cookie',
'DebugKit.Toolbar', 'Session',
'Auth' => array(
'authenticate' => array('OurCustomAuth'),
'loginAction' => array('controller' => 'users', 'action' => 'view'),
'authError' => 'Did you really think you are allowed to see that?',
'authorize' => array('Actions' => array('actionPath' => 'controllers'))
)
);
...
public function beforeFilter() {
...
//Auto logging users in if they are not logged in
if (!AuthComponent::user('id')) {
if ($this->Auth->login()) {
//stuff here
} else {
$this->Session->setFlash(__('We could not authenticate you ...'));
return $this->redirect(array('controller' => 'Users', 'action' => 'error'));
}
}
...
}
我在 Firefox 中遇到的错误:
The page isn’t redirecting properly
Firefox has detected that the server is redirecting the request for this address in a way that will never complete.
更新 #1
$this->Auth->login() 本质上是抓取请求 headers,在这种情况下是故意错误的,这似乎重定向到适当的 link。但是,/users/error 不应导致重定向,因为它已被排除在身份验证之外。
问题是您在每次请求时 运行 您的登录代码,即在应用程序控制器 beforeFilter() 方法中。因此,当该代码将您重定向到 /users/error 因为您未登录时,该代码将再次为该 controller/action 运行,并一次又一次地重定向您......
如果您需要为每个请求 运行 此代码,则您必须手动检查允许的操作,即通过 $this->Auth->allow() 和 运行 您的允许的操作仅在不允许当前操作的情况下编写代码。检查 AuthComponent::_isAllowed() 的代码,您可以轻松使用它,只需进行少量修改:
$action = strtolower($this->request->params['action']);
if (!in_array($action, array_map('strtolower', $this->Auth->allowedActions))) {
//Auto logging users in if they are not logged in
if (!AuthComponent::user('id')) {
// ...
}
}