CakePHP - 如何允许未经身份验证的访问特定页面

2021-12-21 00:00:00 php cakephp login

我创建了一个 CakePHP 应用程序,我在其中创建了一个 UsersController,它处理所有关于用户的信息.当我尝试浏览 www.mydomain.com 时,如果我已登录,它会让我看到索引 (app/View/Pages/home.ctp).否则,它会将我重定向到 mydomain.com/users/login 并坚持登录.

I have created a CakePHP app where I have created a UsersController, which handles all about users. When I try to browse www.mydomain.com, if I am logged in, it let's me see the index (app/View/Pages/home.ctp). Else, it redirects me to mydomain.com/users/login and persists to log in.

我曾尝试查看 AppController.phpPagesController.phpapp/Config/core.phpapp/Config/routes.php,但没有找到任何东西.我的 UsersController.php 也不对此负责,我想.

I have tried looking at AppController.php, PagesController.php or app/Config/core.php and app/Config/routes.php, but did not find anything. My UsersController.php, also, is not responsible for that, I think.

我不记得了,我也找不到如何禁用它.哪个文件应该对此负责?

I do not remember and I cannot find how to disable this. Which file should be responsible for that?

我的 CakePHP 版本是 2.3.

my CakePHP version is 2.3.

推荐答案

通常,您可以使用 auth 组件allow() 方法.

Generally you can make specific actions public using the auth components allow() method.

如果您只想公开特定页面,则公开页面可能需要做更多工作,因为 PagesController 在单个操作中处理所有页面 (display()).如果是这种情况,那么您可以使用 request->params['pass'][0] 来保存页面名称,针对允许的页面列表进行测试,然后允许使用 Auth::allowdisplay 动作.

Making pages public may require a little more work in case you'd want to make only specific pages public, since the PagesController handles all pages in a single action (display()). If that is the case, then you could utilize request->params['pass'][0] which will hold the page name, test this against a list of allowed pages, and then allow the display action using Auth::allow.

示例,在 PagesController 中:

public function beforeFilter()
{
    parent::beforeFilter();

    $allowedPages = array('home', 'foo', 'bar');
    if(isset($this->request->params['pass'][0]) &&
       in_array($this->request->params['pass'][0], $allowedPages))
    {
        $this->Auth->allow('display');
    }
}

这将允许页面 homefoobar 无需登录即可查看.

This would allow the pages home, foo and bar to be viewed without being logged in.

如果您想让所有页面公开,那么您可以简单地使用 Auth::allow 而不带任何条件,即:

If you'd wanted to make all pages public, then you could simply use Auth::allow without any conditions, ie:

public function beforeFilter()
{
    parent::beforeFilter();
    $this->Auth->allow('display');
}

相关文章