Zend框架2 - 与ZFCUser全球认证检查 [英] Zend Framework 2 - Global check for authentication with ZFCUser

问题描述

我装 ZFCUser 成功。现在，我不知道是否有一种方法为全球检查验证。

I installed ZFCUser successfully. Now I wonder if there is a way to globally check for authentication.

作为概述在维基有几种方法来检查AUTH。他们所有的工作，但我必须把检查，如果从句真正的每一个行动？我所有的网站应该只有accessable中，如果没有beeing登录的时候，你应该重新路由到登录页面。

As outlined in the wiki there are several ways to check for auth. They all work but do I have to put the check-if-clause really in every single action? All my sites should be only accessable when beeing logged in and if not, you should be rerouted to the login page.

是否有人知道是否有一个集中的地方，我可以把这个逻辑？

Does anybody know if there's a central place where I can put this logic?

推荐答案

说实话，我不认为这是阻止每个页的非认证用户是一个好主意。你将如何访问登录页面？

To be honest, I don't think it is a good idea to block every page for a non-authenticated user. How would you access the login page?

这就是说，你必须知道要访问的页面，取消对匿名用户访问页面的白名单。一开始，我建议，包括登录页面。您可以通过使用他们的路线最简单的检查页面。因此，检查对白名单目前与之匹配的路由。如果受阻，作用于。否则，什么都不做。

That said, you must know the page being accessed, to make a whitelist of pages accessible for anonymous visitors. To start, I'd suggest to include the login page. You can check pages the easiest by using their route. So check the current matched route against the whitelist. If blocked, act upon. Otherwise, do nothing.

一个例子是一个Module.php内从一个模块，例如你的应用程序：

An example would be inside a Module.php from a module, for example your application:

namespace Application;

use Zend\Mvc\MvcEvent;
use Zend\Mvc\Router\RouteMatch;

class Module
{
    protected $whitelist = array('zfcuser/login');

    public function onBootstrap($e)
    {
        $app = $e->getApplication();
        $em  = $app->getEventManager();
        $sm  = $app->getServiceManager();

        $list = $this->whitelist;
        $auth = $sm->get('zfcuser_auth_service');

        $em->attach(MvcEvent::EVENT_ROUTE, function($e) use ($list, $auth) {
            $match = $e->getRouteMatch();

            // No route match, this is a 404
            if (!$match instanceof RouteMatch) {
                return;
            }

            // Route is whitelisted
            $name = $match->getMatchedRouteName();
            if (in_array($name, $list)) {
                return;
            }

            // User is authenticated
            if ($auth->hasIdentity()) {
                return;
            }

            // Redirect to the user login page, as an example
            $router   = $e->getRouter();
            $url      = $router->assemble(array(), array(
                'name' => 'zfcuser/login'
            ));

            $response = $e->getResponse();
            $response->getHeaders()->addHeaderLine('Location', $url);
            $response->setStatusCode(302);

            return $response;
        }, -100);
    }
}

这篇关于Zend框架2 - 与ZFCUser全球认证检查的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！