Yii2:为什么 User 类中的 auth 键是?

2022-01-04 00:00:00 php yii2 yii

正如标题阐明了为什么在Yii2中引入了auth key?它的主要用途是什么以及它在身份验证中的用途是什么?

As the title clarifies why is the auth key introduced in Yii2? What're it's main usages and how it is useful in authentication?

推荐答案

主要用途是通过 cookie 对用户进行身份验证.当您选择在登录时被记住时,这就是您被记住的方式.系统必须以某种方式识别和登录您.它可以将您的用户名和密码保存在 cookie 中(那是不安全的),或者它可以通过其他方式记住您.这是手段之一.登录到 Yii 应用程序后,查看它创建的 _identity cookie,您将看到 auth_key 是 cookie 的一部分.

The main use is to authenticate the user by cookie. When you choose to be remembered at Login, this is how you are remembered. The system has to identify and login you somehow. It can either save your username and password in a cookie (that would be unsafe) or it can remember you by other means. This is one of the means. After you login into your Yii application take a look at the _identity cookie that it creates, You will see that the auth_key is part of the cookie.

cookie 实际上记住了 $id、$authKey 和 $duration,idauth_key 组合比用户名/密码组合更安全.

The cookie actually remembers the $id the $authKey and the $duration, an idauth_key combination is safer to remember then a username/password one.

相关文章