使用前缀,我可以为管理员和用户提供单独的会话和登录。例如 AppController.php 有:
if ($this->request->prefix == 'admin') {
$this->loadComponent('Auth', [
'authenticate' => [
'Form' => [
'userModel' => 'Admins',
'fields' => ['username' => 'email', 'password' => 'password']
],
],
'loginAction' => [
'controller' => 'Admins',
'action' => 'login'
],
'loginRedirect' => [
'controller' => 'Admins',
'action' => 'index'
],
'logoutRedirect' => [
'controller' => 'Admins',
'action' => 'login',
],
'storage' => [
'className' => 'Session',
'key' => 'Auth.Admin',
],
]);
} else {
$this->loadComponent('Auth', [
'authenticate' => [
'Form' => [
'userModel' => 'Users',
'fields' => ['username' => 'email', 'password' => 'password']
],
],
'loginAction' => [
'controller' => 'Users',
'action' => 'login'
],
'loginRedirect' => [
'controller' => 'pages',
'action' => 'home'
],
'logoutRedirect' => [
'controller' => 'Users',
'action' => 'login',
],
'storage' => [
'className' => 'Session',
'key' => 'Auth.User',
],
]);
}
这工作正常,因为访问 example.com/admin 的用户被重定向到管理员登录区域,访问 example.com 的用户被重定向到用户登录区域,并且用户可以同时登录其中一个、另一个或两者互不干扰。
当我希望管理员能够“以”另一个用户身份登录时,问题就出现了。在 CakePHP2 中我能够做到这一点:
AuthComponent::$sessionKey = 'Auth.User'; // solution from http://stackoverflow.com/questions/10538159/cakephp-auth-component-with-two-models-session
$this->Auth->loginAction = array('admin'=>false,'controller'=>'accounts','action'=>'login');
$this->Auth->loginRedirect = array('admin'=>false,'controller'=>'pages','action'=>'home');
$this->Auth->logoutRedirect = array('admin'=>false,'controller'=>'accounts','action'=>'login');
$this->Auth->authenticate = array(
'Custom' => array(
'userModel' => 'Account',
'fields' => array('username' => 'number'),
)
);
if (!$this->Auth->login($account['Account'])) {
throw new NotFoundException(__('Could not login to account'));
}
return $this->redirect(array('admin' => false, 'controller' => 'getting_started', 'action' => 'index'));
一切都很好。但在 CakePHP3 中,AuthComponent::$sessionKey 属性似乎不可访问,相反,我认为我应该使用 $this->Auth->config。但是当我使用这段代码时:
public function loginas($id = null)
{
$user = $this->Users->get($id, [
'contain' => []
]);
$this->Auth->config([
'authenticate' => [
'Form' => [
'userModel' => 'Users',
'fields' => ['username' => 'email', 'password' => 'password']
],
],
'loginAction' => [
'controller' => 'Users',
'action' => 'login'
],
'loginRedirect' => [
'controller' => 'pages',
'action' => 'home'
],
'logoutRedirect' => [
'controller' => 'Users',
'action' => 'login',
],
'storage' => [
'className' => 'Session',
'key' => 'Auth.User',
],
]);
$this->Auth->setUser($user->toArray());
return $this->redirect([
'prefix' => false,
'controller' => 'pages',
'action' => 'home',
]);
}
我可以成功“登录为”,但是它还会使用普通用户详细信息覆盖现有管理会话的用户信息。
如何让 CakePHP 3 完全保留 Auth.Admin 会话,并针对 Auth.User 会话密钥(恰好在新选项卡中打开)设置新的 Auth 会话?