如何在 CakePHP 中使用单独的密码表进行身份验证?
我有一个包含下表的数据库:
CREATE TABLE `visitors` (
`name` varchar(64) not null,
`id` int(10) unsigned not null auto_increment,
# ...more fields here
PRIMARY KEY (`id`),
UNIQUE KEY (`name`)
);
CREATE TABLE `credentials` (
`id` int(10) unsigned not null auto_increment,
`visitor_id` int(10) unsigned,
`type` enum('password','openid','google','facebook') not null,
`token` char(40) not null,
`modified` datetime,
`hint` varchar(64),
PRIMARY KEY (`id`),
KEY `visitor` (`visitor_id`),
KEY `token` (`token`)
);
经过一段时间的思考,我认为这是“正确的”,例如规范化并允许访问者拥有多个登录凭据,包括多个密码。
但是,我想使用 Cake 的 ACL 功能,并且 AuthComponent 假设散列密码与用户(访问者)信息存储在同一个表中。解决这个问题的最佳方法是什么?我是否必须使用 Auth->login(),还是有更好的方法?
I have a database with the following tables:
CREATE TABLE `visitors` (
`name` varchar(64) not null,
`id` int(10) unsigned not null auto_increment,
# ...more fields here
PRIMARY KEY (`id`),
UNIQUE KEY (`name`)
);
CREATE TABLE `credentials` (
`id` int(10) unsigned not null auto_increment,
`visitor_id` int(10) unsigned,
`type` enum('password','openid','google','facebook') not null,
`token` char(40) not null,
`modified` datetime,
`hint` varchar(64),
PRIMARY KEY (`id`),
KEY `visitor` (`visitor_id`),
KEY `token` (`token`)
);
After thinking about this for a awhile, I've decided that this is "right" for e.g. normalization and allowing visitors to have multiple login credentials, including multiple passwords.
However, I'd like to use Cake's ACL features, and AuthComponent assumes that hashed passwords are stored in the same table as user (visitor) information. What's the best way to work around this? Do I have to use Auth->login(), or is there a better way?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论
评论(1)
如果您使用 CakePHP 2.x,则可以通过创建新的身份验证处理程序来非常简单地存档。查看现有的表单处理程序也会对您有所帮助。您应该能够扩展它或将代码复制到新的处理程序中并修改它以满足您的需求。
阅读书中的身份验证章节。部分只是关于创建自定义处理程序,但为了了解整个事情是如何工作的,我真的建议您阅读整个页面。
If you're using CakePHP 2.x this can be archived pretty simple by creating a new authentication handler. Looking at the existing Form handler will also help you. You should be able to extend it or copy the code into a new handler and modify it to match your needs.
Read the authentication chapter in the book. It has a section just about creating a custom handler but to get an understanding of how the whole thing works I really suggest you to read the whole page.