问题
I'm using Janrain engage to login to my CakePHP site, and when handling the user data, I want to automatically login using the $this->Auth->login()-function.
I manage to login fine if I don't redirect after the call, but if I redirect, I'm not logged in. Does anyone now why or what I can do to straigten this?
function janrain(){
$rpxApiKey = 'kassdkfkafkkadskfkkdfkksdk';
if(isset($_POST['token'])) {
/* STEP 1: Extract token POST parameter */
$token = $_POST['token'];
/* STEP 2: Use the token to make the auth_info API call */
$post_data = array('token' => $_POST['token'],
'apiKey' => $rpxApiKey,
'format' => 'json');
$curl = curl_init();
curl_setopt($curl, CURLOPT_RETURNTRANSFER, true);
curl_setopt($curl, CURLOPT_URL, 'https://rpxnow.com/api/v2/auth_info');
curl_setopt($curl, CURLOPT_POST, true);
curl_setopt($curl, CURLOPT_POSTFIELDS, $post_data);
curl_setopt($curl, CURLOPT_HEADER, false);
curl_setopt($curl, CURLOPT_SSL_VERIFYPEER, false);
$raw_json = curl_exec($curl);
curl_close($curl);
/* STEP 3: Parse the JSON auth_info response */
$auth_info = json_decode($raw_json, true);
if ($auth_info['stat'] == 'ok') {
/* STEP 3 Continued: Extract the 'identifier' from the response */
$profile = $auth_info['profile'];
$identifier = $profile['identifier'];
if (isset($profile['photo'])) {
$photo_url = $profile['photo'];
}
if (isset($profile['displayName'])) {
$name = $profile['displayName'];
}
if (isset($profile['email'])) {
$email = $profile['email'];
}
$user = $this->User->findByUsername($identifier);
if($user){
$this->Auth->login($user['User']);
if ($this->Session->read('Auth.User')) {
$this->Session->setFlash('You are logged in!');
$this->redirect('/', null, false);
}
}
else{
$this->User->create();
$this->User->set('username',$identifier);
$this->User->set('displayname',$name);
if(isset($photo_url)){
$this->User->set('photo_url', $photo_url);
}
$this->User->set('password', $this->Auth->password($identifier));
$this->User->save();
//$this->User->set('password', $identifier);
$this->Auth->login($this->User);
}
回答1:
I have came accross the same problem. However i could not solve that problem. Try overriding beforeFilter on PagesController (if you are using it) and adding parent::beforeFilter in it.
public function beforeFilter() {
parent::beforeFilter();
}
However that did not solve my problem neither. Eventually i gave up trying. Installed OPAuth, came accross several problems, however solved them. Facebook, twitter, google, etc, now works fine and integrated with my site's built-in auth system.
Links: OPAuth Website, OPAuth Download, OPAuth CakePHP Plugin
回答2:
I'm having exactly the same trouble. The user isn't validated if I redirect.
The only solution I have found until now is to redirect using JavaScript after validating the user. I pass the url to redirect as a parameter to the token URL defined in the embedded widget:
$url = urlencode($baseUrl.'users/rpx?redirect=' . 'lala');
<iframe src="http://lolo.rpxnow.com/openid/embed?token_url=<?php echo $url; ?>" scrolling="no" frameBorder="no" allowtransparency="true" style="width:350px;height:216px"></iframe>
回答3:
I really dislike the Auth component for CakePHP. I was having the exact same problem with CakePHP 1.2, but managed to get things working by changing my security level to 'low' in the core.php file.
Configure::write('Security.level', 'low');
来源:https://stackoverflow.com/questions/3762714/not-logged-in-after-manual-login-in-cakephp-if-redirected-logged-in-if-no-redir