我不希望我的用户在登录时能够进入登录页面。他们必须先注销才能登录。这似乎很简单,我是不是没有正确理解
class UsersController extends AppController {
public function isAuthorized($user) {
if( $this->Auth->login() ){
return false;
} else {
return true;
}
}
public function login() {
if ($this->request->is('post')) {
if ($this->Auth->login()) {
return $this->redirect($this->Auth->redirectUrl());
} else {
$this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
}
}
}
还有注册或丢失密码等操作。
基本上,你只需检查列入黑名单的控制器/操作,然后重定向到主屏幕或相应的登录重定向
// Do not allow access to these public actions when already logged in
$allowed = array('Account' => array('login', 'lost_password', 'register'));
foreach ($allowed as $controller => $actions) {
if ($this->name === $controller && in_array($this->request->action, $actions)) {
$this->Common->flashMessage('The page you tried to access is not relevant if you are already logged in. Redirected to main page.', 'info');
return $this->redirect($this->Auth->loginRedirect);
}
}
请参阅https://github.com/dereuromark/cakefest/blob/master/Controller/AppController.php#L66
我使用laravel,在这种情况下,我的login路由是这样的filter。
Route::get('login', array('before' => 'guest', "uses" => "SessionController@create"));
guest是过滤器的名称,定义为return !Auth::check();
对于CakePHP,我想它会非常相似。寻找一种可以根据当前用户是否经过身份验证来过滤路由的方法。