CakePHP 2.1 - 作为具有身份验证的 Web 应用程序和 REST 服务 [英] CakePHP 2.1 - As a web application and REST service with Authentication

问题描述

我目前正在开发一个 CakePHP 应用程序，该应用程序目前具有表单身份验证.我还想打开此应用程序以供其他应用程序通过 REST 连接.

I'm currently developing a CakePHP application which currently has form authentication. I would also like to open up this application for other applications to connect to via REST.

我知道 CakePHP 可以使用

I know that CakePHP would be able to do this using the

Router::mapResources() 

和

Router::parseExtensions() 

但是，我不确定如何使用 Basic 或 Digest HTTP 身份验证来实现这一点.

However, I'm unsure how to get this working with say Basic or Digest HTTP authentication.

我在 AppController.php 中有以下内容

I've got the following in the AppController.php

public $components = array(
    'Session',
    'Auth' => array(
        'authenticate' => array(
            'Form'
        ),
        'loginAction' => array(
            'admin' => false,
            'controller' => 'users',
            'action' => 'login'
        ),
        'loginRedirect' => array(
            'controller' => 'users',
            'action' => 'home'
        )
    )
);

如果对于身份验证字段，例如我在基本"中使用 - 当登录基于 Web 的版本时，我得到一个 HTTP 身份验证框，而不是基于 Web 的表单.

If for the authenticate field, I had in 'Basic' for example - when logging into the web based version, I get an HTTP auth box and not the web based form.

这样做的最佳方法是什么?目前我能想到的唯一方法是创建一个单独的 ApiController 并手动进行身份验证?

What is the best way of doing this? The only way I can think of at the moment is to create a separate ApiController and manually do authentication?

任何建议都会很棒.

更新:

这是我修改后的代码，它给了我正确的行为 - 我很确定应该有更好的方法来做到这一点.

This is my revised code which is giving me the correct behavour - I'm pretty sure that there should be a better way to do this.

class AppController extends Controller {

    public $components = array(
        'Session',
        'RequestHandler',
        'Auth' => array(
            'loginAction' => array(
                'admin' => false,
                'controller' => 'users',
                'action' => 'login'
            ),
            'loginRedirect' => array(
                'controller' => 'users',
                'action' => 'home'
            )
        )
    );

    public $helpers = array('Html', 'Form', 'Session');

    public function beforeFilter() {
        $header = $_SERVER['HTTP_AUTHORIZATION'];
        if($header) {
            $this->Auth->authenticate = array('Basic');
        }
    }

}

推荐答案

public function beforeFilter() {

    // Change the authentication if using REST
    if($this->params['ext'] == 'json') {
        $this->Auth->authenticate = array('Basic');
    }

}

这会检查 JSON 扩展，如果请求包含它 - 然后切换到基本身份验证.

This checks for a JSON extension, if the request contains it - then switch to Basic authentication.

这篇关于CakePHP 2.1 - 作为具有身份验证的 Web 应用程序和 REST 服务的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！