我的目标是要求某些页面登录.我正在使用 Zend Framework MVC,并且正在尝试查找有关最佳实践的示例.
My goal is to require login for certain pages. I am using Zend Framework MVC, and I'm trying to find examples regarding best practices.
关于我正在寻找的内容的一些说明:
Some notes on what I'm looking for:
或者完全不同的东西.我对 Zend 框架还很陌生,我想以正确的方式"来做.
Or something completely different. I'm fairly new to the Zend framework, and I want to do it 'the right way'.
- 我想让非登录用户得到一个登录框,然后返回到登录状态在页面的版本中,一次已认证
使用 FrontController 插件 并重定向或转发它们到您的登录操作.
Use a FrontController plugin and redirect or forward them to your loginAction.
Zend 框架,目前不提供任何 DI 系统,但是 Zend_Application_Resource_* 实际上取代了它.这里需要什么样的依赖?
Zend Framework, doesn't currently ship any DI system, however, the Zend_Application_Resource_* actually replace it. What kind of dependency would you need here?
这取决于你.
我主要使用一个特殊的 AuthController 和 LoginAction &注销操作.为了将用户重定向到试图查看的页面,我总是在我的表单中添加一个 returnUrl 元素,并注入请求的 URL 的值以便能够重定向用户,如果没有,我将他重定向到索引/仪表板,这取决于.
I mostly use a special AuthController with LoginAction & LogoutAction. To redirect the user to the page is was trying to view, I always add a returnUrl element in my forms, and I inject the value of the requested URL to be able to redirect the user, and if none, I redirect him to the index/dashboard, depends.
Zend_Auth 允许您设置您的 自己的存储机制,所以只需要实现接口即可.
Zend_Auth allows you to set your own storage mechanism, so just implement the interface.
$auth = Zend_Auth::getInstance();
$auth->setStorage(new My_Auth_Storage());
但是从不将身份验证结果存储在 cookie 中,修改它并访问您的网站非常容易.
But never store authentication result in a cookie, it's so easy to modify it and access your website.
您还可以查看我的一个之前的答案.
You may also take a look to one of my previous answer.
这篇关于Zend_Auth 最佳实践的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持跟版网!