zend框架中的身份验证+ acl 2

Posted

tags:

篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了zend框架中的身份验证+ acl 2相关的知识,希望对你有一定的参考价值。

您好我设法在ZF2中实现了acl和身份验证,但现在我有两个主要问题。我无法在用户登录后(在启动文件中)重定向用户,而我的另一个任务是对mysql进行查询,因为我必须在登录后检查用户权限。此代码以下是所有模块。 php。你能帮助我吗?到目前为止,我确实登录了它的效果很好。(现在没有acl的工作原理)

namespace Application;

use ZendMvcModuleRouteListener;
use ZendMvcMvcEvent;

use ZendModuleManagerFeatureAutoloaderProviderInterface;
use ZendAuthenticationStorage;
use ZendAuthenticationAuthenticationService;
use ZendAuthenticationAdapterDbTable as DbTableAuthAdapter;
class Module
{
    protected $loginTable;
public function onBootstrap(MvcEvent $e)
{
    $e->getApplication()->getServiceManager()->get('translator');
    $eventManager        = $e->getApplication()->getEventManager();
    $moduleRouteListener = new ModuleRouteListener();
    $moduleRouteListener->attach($eventManager);

    $this -> initAcl($e);
    $e -> getApplication() -> getEventManager() -> attach('route', array($this, 'checkAcl'));


        $app = $e->getApplication();
        $locator = $app->getServiceManager();
        $authAdapter = $locator->get('AuthService');

        if($authAdapter->hasIdentity() === true){
        //is logged in
        }else{
                //user is not logged in...redirect to home
        }


}

public function getConfig()
{
    return include __DIR__ . '/config/module.config.php';
}

public function getAutoloaderConfig()
{
    return array(
        'ZendLoaderStandardAutoloader' => array(
            'namespaces' => array(
                __NAMESPACE__ => __DIR__ . '/src/' . __NAMESPACE__,
            ),
        ),
    );
}


 public function getServiceConfig() {

    return array(
        'factories' => array(
            'AuthService' => function($sm) {

                $dbAdapter = $sm->get('ZendDbAdapterAdapter');
                $dbTableAuthAdapter = new DbTableAuthAdapter($dbAdapter, 'user', 'username', 'password', 'MD5(?)');

                $authService = new AuthenticationService();
                $authService->setAdapter($dbTableAuthAdapter);


                return $authService;
            },
        ),
    );
}


public function initAcl(MvcEvent $e) {

    $acl = new endPermissionsAclAcl();
    $roles = include __DIR__ . '/config/module.acl.roles.php';
    $allResources = array();
    foreach ($roles as $role => $resources) {

        $role = new endPermissionsAclRoleGenericRole($role);
        $acl -> addRole($role);

        $allResources = array_merge($resources, $allResources);

        //adding resources
        foreach ($resources as $resource) {
            $acl -> addResource(new endPermissionsAclResourceGenericResource($resource));
        }
        //adding restrictions
        foreach ($allResources as $resource) {
            $acl -> allow($role, $resource);
        }
    }
    //testing
    //var_dump($acl->isAllowed('admin','home'));
    //true

    //setting to view
    $e -> getViewModel() -> acl = $acl;

}

public function checkAcl(MvcEvent $e) {
    $route = $e -> getRouteMatch() -> getMatchedRouteName();

    $userRole = 'guest';

    if (!$e -> getViewModel() -> acl -> isAllowed($userRole, $route)) {
        $response = $e -> getResponse();
        //location to page or what ever
        $response -> getHeaders() -> addHeaderLine('Location', $e -> getRequest() -> getBaseUrl() . '/404');
        $response -> setStatusCode(303);

    }
}


}
答案

这是我的代码的一些例子:

$controller = $e->getTarget();
$auth = new AuthenticationService();
$is_login = $auth->hasIdentity();

//check if action is login

$params = $e->getApplication()->getMvcEvent()->getRouteMatch()->getParams();

if ($params['action'] == 'login') {

if ($is_login) {
    return $controller->redirect()->toRoute('adminwithlang/adminindex');
}

if (!$is_login) {
return $controller->redirect()->toRoute('adminwithlang/adminauthlogin');
}

示例要点:https://gist.github.com/anonymous/5227267

另一答案

我正在寻找类似的东西;我做了一些挖掘,发现了以下内容

在onBootstrap上附加的函数中获取以下内容

$routeMatch = $e->getRouteMatch( );
$controllerParamName = endMvcModuleRouteListener::ORIGINAL_CONTROLLER;
$controller = $routeMatch->getParam( $controllerParamName );
$action = $routeMatch->getParam( 'action' );
$route = $routeMatch->getMatchedRouteName( );

检查用户是否已登录;如果不是,您将重定向到登录事件

重定向时,您可以在登录事件中传递这3个变量(控制器,操作,路由),这些变量默认为null,如果已定义,则在成功登录后,您将重定向到控制器,操作,路径的这种组合

我仍在编写代码,一旦成功,我将发布希望这会有所帮助

以上是关于zend框架中的身份验证+ acl 2的主要内容,如果未能解决你的问题,请参考以下文章

如何在Zend框架中使用Zend_auth时设置超时

如何通过伪造登录来测试 Symfony 2 中的 ACL

Zend 框架中的表单级别验证

markdown Zend Framework 3:身份验证

Django REST框架--认证和权限

将Zend_Service_Twitter_Search与经过身份验证的请求一起使用