我正在创建一个新用户,然后尝试让他们登录,该用户被保存在数据库中,他们的角色也被保存。虽然我从来没有点击重定向说他们已经登录。我已经调试了Auth::Instance->login,我得到了FALSE
public function action_index()
{
$view = View::factory('index/home');
if( Request::current()->post() ):
$post = $_POST;
try {
$user = ORM::factory('User');
$user->username = $post['username'];
$user->password = $post["password"];
$user->email = $post["email"];
$user->logins = +1;
$user->save();
if ($user->saved() ):
$user->add('roles', ORM::factory('Role')->where('name', '=', 'login')->find());
$logged_in = Auth::instance()->login($post['username'], $post['password']);
echo Debug::vars($logged_in); exit;
if ($logged_in):
HTTP::redirect("/dashboard/");
endif;
endif;
} catch (Exception $e) {
echo Debug::vars($e); exit;
}
endif;
$index_page = $view->render();
$this->response->body($index_page);
}
配置
return array(
'driver' => 'ORM',
'hash_method' => 'sha256',
'hash_key' => 'bernardo',
'lifetime' => 1209600,
'session_type' => Session::$default,
'session_key' => 'auth_user',
);
可能是哈希时密码出了问题吗?
您将以明文形式将密码存储在数据库中(除非您应用某种过滤器)。尝试以下操作:
$user->password = Auth::instance()->hash($post["password"]);
这将确保在存储之前对密码进行哈希处理。Auth将在将密码与数据库中的值进行比较之前对其进行散列。