|
ACF是一种通过yiifiltersAccessControl类来实现的简单授权
一般在控制器中我们调用如下:
打开backendcontrollerSiteController.php 我们看到这样一段代码
public function behaviors()
{
return [
‘access‘ => [
‘class‘ => AccessControl::className(),
‘rules‘ => [
[
‘actions‘ => [‘login‘,‘error‘],
‘allow‘ => true,
],
[
‘actions‘ => [‘logout‘,‘index‘],
‘roles‘ => [‘@‘],
‘verbs‘ => [
‘class‘ => VerbFilter::className(),
‘actions‘ => [
‘logout‘ => [‘post‘],
];
}
几个必须到配置:
1、配置验证类User
‘user‘ => [
‘identityClass‘ => ‘commonmodelsUsermember‘,
‘enableAutoLogin‘ => true,
‘identityCookie‘ => [‘name‘ => ‘_identity-frontend‘,‘httpOnly‘ => true],
‘loginUrl‘=>‘/public/login‘
],
2、继承IdentityInterface接口
一般来说,从数据库查找数据,只需要继承AR类即可,但是,我们这个是用户登录模型,核心是验证,所以自然需要实现核心的验证功能,就像LoginForm模型提到的validatePassword一样,实际的验证逻辑是在当前的User模型完成的。一般来说,实现IdentityInterface接口,需要实现以下方法:
public static function findIdentity($id); //①
public static function findIdentityByAccessToken($token,$type = null); //②
public function getId(); //③
public function getAuthKey(); //④
public function validateAuthKey($authKey); //⑤
3、登录到login()做相关调用验证:
public function login()
{
if ($this->validate()) {
if($this->rememberMe)
{
$this->_user->generateAuthKey();//③
}
return Yii::$app->user->login($this->getUser(),$this->rememberMe ? 36002430 : 0);
}
return false;
}
4、对用到控制器类做配置
/**
- {@inheritdoc}*/public function behaviors(){return [‘access‘ => [‘class‘ => AccessControl::className(),‘only‘ => [‘userhome‘,‘signup‘],‘rules‘ => [[‘actions‘ => [‘‘,‘allow‘ => true,‘roles‘ => [‘?‘],],[‘actions‘ => [‘userhome‘],‘roles‘ => [‘@‘],‘verbs‘ => [‘class‘ => VerbFilter::className(),‘actions‘ => [‘logout‘ => [‘post‘],];}
(编辑:李大同)
【声明】本站内容均来自网络,其相关言论仅代表作者个人观点,不代表本站立场。若无意侵犯到您的权利,请及时与联系站长删除相关内容!
|
