CakePHP表单身份验证用于普通请求，JSON具有基本身份验证 [英] CakePHP form authentication for normal requests with basic authentication for JSON

问题描述

我正在尝试构建一个Web应用程序，该应用程序可以由用户在浏览器中查看，但也具有供开发人员与我的应用程序交互的API。我的问题是如何根据CakePHP中的请求类型更改身份验证？

I'm attempting to to build a web application that can be view by a user in a browser but also has an API for developers to interface with my application. My question is how do I change the authentication based on what type of request it is in CakePHP?

我希望我的应用程序提示用户使用带有表单身份验证的网站，但当请求带有 .json以使用基本身份验证时。

I would like my application to prompt users using the site with form authentication but when a request comes in with a '.json' to use basic authentication.

我已经在AppController中尝试过此操作：

I've tried this in my AppController:

class AppController extends Controller {

public $components = array(
    'Session',
    'Auth' => array(
         'loginRedirect' => array(
             'controller' => 'journeys', 
             'action' => 'index'
             ),
        'logoutRedirect' => array(
            'controller' => 'pages', 
            'action' => 'display', 'home'
            )
    ),
    'RequestHandler'
);

public function beforeFilter() {
    if($this->params['ext'] == 'json') {
        $this->Auth->authenticate = array('Basic');
    } else {
        $this->Auth->authenticate = array('Form');
    }
    $this->Auth->allow('display'); 
}

}

我已经检查了beforeFilter中的子句是否可以正常工作，但是无论我尝试在应用程序中尝试使用的URL是什么，我似乎都重定向到了表单身份验证

I have checked that the clause in the beforeFilter if works and it does but I seem to get redirected to my form authentication no matter what URL I try and access in my application

我的UsersController文件中的登录函数如下：

The login function in my UsersController file looks like:

if ($this->Auth->login()) {
    return $this->redirect($this->Auth->redirect());
} else {
    $this->Session->setFlash(__('Username or password is incorrect'), 'default', array(), 'auth');
}

我已阅读CakePHP网站上的文档，但似乎无法找到一个对我有帮助的例子。任何帮助，将不胜感激。

I have read the docs on the CakePHP website but I can't seem to find an example that will help me. Any help would be appreciated.

为更正代码和更多信息而编辑

EDITED FOR CORRECTION TO CODE AND MORE INFORMATION

我一直在研究这个问题，我注意到如果我记录以下值：

I have carried on looking at this problem and Ive noticed that if I log the value of:

$this->Auth->authenticate

在beforeFilter中，它说它是基本的，但仍将我发送到表单登录。

in the beforeFilter it says that it is basic but it's still sending me to the form log in.

推荐答案

摘录自文档（请参见 http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html ）：

Excerp from the docs (see http://book.cakephp.org/2.0/en/core-libraries/components/authentication.html):

由于基本身份验证和摘要身份验证不需要初始POST
或表格，因此，如果仅使用基本身份验证/摘要身份验证器，则不需要
进行登录您的控制器。您也可以将
AuthComponent :: $ sessionKey设置为false，以确保AuthComponent不会
尝试从会话中读取用户信息。

Because basic and digest authentication don’t require an initial POST or a form so if using only basic / digest authenticators you don’t require a login action in your controller. Also you can set AuthComponent::$sessionKey to false to ensure AuthComponent doesn’t try to read user info from session.

因此您不需要登录操作。您可以在用户控制器中检查身份验证方法，如果身份验证方法是基本，则跳过登录操作。

So you do not require a login action. You could check for the authentication method in your users controller and skip the login action if the authentication method is "Basic".

这篇关于CakePHP表单身份验证用于普通请求，JSON具有基本身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！