跨请求Laravel 4.1认证会话数据未持续 [英] Laravel 4.1 authentication session data not persisting across requests
问题描述
我用雄辩的认证驱动程序和数据库会话司机Laravel 4.1应用程序。我的验证控制器运行成功验证::尝试并重定向到一个新的一页。然而,一旦新的页面上的验证会话数据似乎消失了。我有重定向到网页上运行的auth过滤器和失败,然后再用户登录页面重定向。用户永远不会过去的登录页面。
I have a Laravel 4.1 app using the eloquent authentication driver and the database session driver. My authentication controller is successfully running Auth::attempt and redirecting to a new page. However, once on the new page the authentication session data seems to be gone. I have an auth filter running on the redirected-to page and it fails, which then redirects the user to the login page again. The user never gets past the login page.
下面是我的session.php文件:
Here is my session.php:
<?php
return array(
'driver' => 'database',
'lifetime' => 120,
'expire_on_close' => true,
'files' => storage_path().'/sessions',
'connection' => 'mysql',
'table' => 'sessions',
'lottery' => array(2, 100),
'cookie' => 'laravel_session',
'path' => '/',
'domain' => null,
'secure' => false,
);
我的课程表模式:
My sessions table schema:
CREATE TABLE `sessions` (
`id` varchar(32) NOT NULL,
`payload` text NOT NULL,
`last_activity` int(11) NOT NULL,
UNIQUE KEY `id` (`id`)
) ENGINE=InnoDB DEFAULT CHARSET=latin1;
和我的身份验证过滤器:
And my auth filter:
Route::filter('auth', function()
{
if (Auth::guest()) {
if ( Request::ajax() ) {
return Response::make("Your session has timed out. Please sign in again.", 401);
} else {
return Redirect::guest('login');
}
}
});
在AUTH过滤器中的验证::客()调用始终返回false。
The Auth::guest() call in the auth filter always returns false.
我添加了一些记录到用户()提供照明/认证/ Guard.php的方法,发现员额从登录表单,验证数据是当被称为用户()方法的会话。然而,当它从重定向在auth过滤器称为(AUTH ::客()调用间接用户()方法),会话数据已经一去不复返了。
I added some Logging to the user() method of Illuminate/Auth/Guard.php and found that in the POST from the login form, the authentication data was in the session when the user() method was called. However, when it is called from the auth filter on the redirect (Auth::guest() indirectly calls the user() method), the session data is gone.
下面是用户()方法,以供参考:
Here is the user() method, for reference:
public function user()
{
if ($this->loggedOut) return;
// If we have already retrieved the user for the current request we can just
// return it back immediately. We do not want to pull the user data every
// request into the method because that would tremendously slow an app.
if ( ! is_null($this->user))
{
return $this->user;
}
$id = $this->session->get($this->getName());
// First we will try to load the user using the identifier in the session if
// one exists. Otherwise we will check for a "remember me" cookie in this
// request, and if one exists, attempt to retrieve the user using that.
$user = null;
if ( ! is_null($id))
{
$user = $this->provider->retrieveByID($id);
}
// If the user is null, but we decrypt a "recaller" cookie we can attempt to
// pull the user data on that cookie which serves as a remember cookie on
// the application. Once we have a user we can return it to the caller.
$recaller = $this->getRecaller();
if (is_null($user) && ! is_null($recaller))
{
$user = $this->getUserByRecaller($recaller);
}
return $this->user = $user;
}
当用户()从AUTH过滤器, $这个 - &GT调用; loggedOut 是假的,但 $这个 - &gt;用户为空和 $这个 - &GT;会话级&GT;获得($这个 - &GT;的getName())。返回null
When user() is called from the auth filter, $this->loggedOut is false, but $this->user is null and $this->session->get($this->getName()) returns null.
它不会出现验证::注销()被调用的任何一点。
It does not appear that Auth::logout() is being called at any point.
推荐答案
会议表的ID字段需要有至少40的长度,因为Laravel使用SHA1哈希的会话ID。
The id field of the sessions table needs to have a length of at least 40 because Laravel uses a sha1 hash as the session id.
这篇关于跨请求Laravel 4.1认证会话数据未持续的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
