在 Laravel 4 中使用 Sentry 的记住我功能

Posted 2023-03-14

【中文标题】在 Laravel 4 中使用 Sentry 的记住我功能

【英文标题】：Using the Remember me feature with Sentry in Laravel 4

【发布时间】：2013-10-07 07:46:32

【问题描述】：

我正在尝试获取一个登录表单来“记住”用户登录，但我不知道该怎么做。

这是我的控制器

public function getLogin()

    // Return the view with the data
    return View::make('users.login');


public function postLogin() 

    // Gather Sanitized Input
    $input = array(
        'email'      => Binput::get('email'),
        'password'   => Binput::get('password'),
        'rememberMe' => Binput::get('rememberMe')
        );

    // Set Validation Rules
    $rules = array (
        'email'    => 'required|min:4|max:64|email',
        'password' => 'required|min:6'
        );

    //Run input validation
    $v = Validator::make($input, $rules);

    if ($v->fails())
    
        // Validation has failed
        return Redirect::to('users/login')->withErrors($v)->withInput();
    
    else 
    
        try
        
            //Check for suspension or banned status
            $user = Sentry::getUserProvider()->findByLogin($input['email']);
            $throttle = Sentry::getThrottleProvider()->findByUserId($user->id);
            $throttle->check();

            // Set login credentials
            $credentials = array(
                'email'    => $input['email'],
                'password' => $input['password']
            );

            // Try to authenticate the user
            $user = Sentry::authenticate($credentials, $input['rememberMe']);
            Sentry::loginAndRemember($user);

        
        catch (Cartalyst\Sentry\Users\UserNotFoundException $e)
        
            // Sometimes a user is found, however hashed credentials do
            // not match. Therefore a user technically doesn't exist
            // by those credentials. Check the error message returned
            // for more information.
            Session::flash('error', 'Invalid username or password.' );
            return Redirect::to('users/login')->withErrors($v)->withInput();
        
        catch (Cartalyst\Sentry\Users\UserNotActivatedException $e)
        
            echo 'User not activated.';
            Session::flash('error', 'You have not yet activated this account.');
            return Redirect::to('users/login')->withErrors($v)->withInput();
        

        // The following is only required if throttle is enabled
        catch (Cartalyst\Sentry\Throttling\UserSuspendedException $e)
        
            $time = $throttle->getSuspensionTime();
            Session::flash('error', "Your account has been suspended for $time minutes.");
            return Redirect::to('users/login')->withErrors($v)->withInput();
        
        catch (Cartalyst\Sentry\Throttling\UserBannedException $e)
        
            Session::flash('error', 'You have been banned.');
            return Redirect::to('users/login')->withErrors($v)->withInput();
        

        return Redirect::to('/');
    


/**
 * Logout
 */

public function getLogout() 

    Session::flush();
    Sentry::logout();
    return Redirect::to('/');

这是我的观点

@extends('layouts/master')

-- Web site Title --
@section('title')

@stop

-- Content --
@section('content')
<div class="tck-well span6 offset3">
    <h1>Login</h1>
    <form class="" action=" URL::to('users/login') " method="post">   
         Form::token(); 

        <div class="control-group  ($errors->has('email')) ? 'error' : '' " for="email">
            <label class="control-label" for="email">E-mail</label>
            <div class="controls">
                <input name="email" id="email" value=" Request::old('email') " type="text" class="input-xlarge" placeholder="E-mail">
                 ($errors->has('email') ? $errors->first('email') : '') 
            </div>
        </div>

       <div class="control-group  $errors->has('password') ? 'error' : '' " for="password">
            <label class="control-label" for="password">Password</label>
            <div class="controls">
                <input name="password" value="" type="password" class="input-xlarge" placeholder="New Password">
                 ($errors->has('password') ?  $errors->first('password') : '') 
            </div>
        </div>

        <div class="control-group" for"rememberme">
            <div class="controls">
                <label class="checkbox inline">
                    <input type="checkbox" name="rememberMe" value="1"> Remember Me
                </label>
            </div>
        </div>

        <div class="form-actions">
            <input class="button button-large button-secondary" type="submit" value="Log In"> 
            <a href="/users/resetpassword" class="btn btn-link">Forgot Password?</a>
        </div>
  </form>
</div>

@stop

有人可以帮我指出正确的方向吗？

【问题讨论】：

你试过什么？你有任何错误吗？点击登录时发生了什么？

【参考方案1】：

而不是，

$user = Sentry::authenticate($credentials, $input['rememberMe']);

使用，

if(!empty($input['rememberMe'])) 
   $user = Sentry::authenticate($credentials, true);
 else 
   $user = Sentry::authenticate($credentials, false);

并确保您在$input['rememberMe'] 中获得了一些价值。

【讨论】：

我不确定，但我有一种感觉，虽然这可能有效，但我不知道在重新填充登录表单时如何访问该值。目前 Request::old('email') 被用作电子邮件的值，但我确信这对于我想要做的事情是错误的。

【参考方案2】：

类似于德沃的

// Try to log the user in
Sentry::authenticate(Input::only('email', 'password'), Input::get('remember-me', 0));

// For the view page
<input type="checkbox" name="remember-me" id="remember-me" value="1" /> Remember me;

【参考方案3】：

你也可以使用辅助方法：

if( Input::get('rememberMe') ) 
    $user = Sentry::authenticateAndRemember($credentials)
 else     
    $user = Sentry::authenticate($credentials, false);

【参考方案4】：

从 GitHub 看来，有时在 php.ini（或 .htaccess）中设置 gc_maxlifetime 也是必要的。

session.gc_maxlifetime = 2592000

【参考方案5】：

在 app/config/session.php 添加这行：

'lifetime' => 999999,
'expire_on_close' => false,