Yii2:为什么User类中的auth密钥? [英] Yii2: Why is the auth key in class User?

问题描述

标题说明了为什么在Yii2中引入了auth密钥?它的主要用途是什么?在身份验证中有什么用?

As the title clarifies why is the auth key introduced in Yii2? What're it's main usages and how it is useful in authentication?

推荐答案

主要用途是通过cookie对用户进行身份验证.当您选择在登录时被记住时，这就是您被记住的方式.系统必须以某种方式识别并登录您.它可以将您的用户名和密码保存在cookie中(这是不安全的)，也可以通过其他方式记住您.这是手段之一.登录到Yii应用程序后，查看它创建的_identity cookie，您将看到auth_key是cookie的一部分.

The main use is to authenticate the user by cookie. When you choose to be remembered at Login, this is how you are remembered. The system has to identify and login you somehow. It can either save your username and password in a cookie (that would be unsafe) or it can remember you by other means. This is one of the means. After you login into your Yii application take a look at the _identity cookie that it creates, You will see that the auth_key is part of the cookie.

cookie实际上会记住$ id，$ authKey和$ duration，id \ auth_key组合比用户名/密码更安全.

The cookie actually remembers the $id the $authKey and the $duration, an id\auth_key combination is safer to remember then a username/password one.

这篇关于Yii2:为什么User类中的auth密钥?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！