使用 Facebook 登录的 Flexi 身份验证
Flexi auth with Facebook login
我在我的项目中使用 Flexi auth 用户身份验证库。现在客户想要Facebook、Twitter用户登录。我正在使用 facebook sdk 4 并且能够让用户通过 Facebook 登录。
但现在面临一个问题。每个控制器的构造函数中都会调用 is_logged_in_via_password() 函数。
我无法绕过这个功能。我试图在用户通过 facebook 登录后将会话值 is_logged_in_via_password 设置为 1。
但是在构造函数中,is_logged_in_via_password() 仍然返回 false。
使用 flexi auth 用户登录的会话是:
Array
(
[user_identifier] =xxxxxx@gmail.com
[user_id] = 255
[admin] =
[group] = Array
(
[5] = Employer Individual
)
[privileges] = Array
(
)
[logged_in_via_password] = 1
[login_session_token] => 805ad8cdfdfd49ad309dcc3837a762159e855c649
)
以及我在 facebook 登录后创建的会话:
Array
(
[user_identifier] =xxxxxx@gmail.com
[user_id] => 129
[admin] =>
[group] => Array
(
[5] => Employer Individual
)
[privileges] => Array
(
)
[logged_in_via_password] => 1
[login_session_token] => 8306cd89be76082caa0b15fd53a2b22f7965e6434
)
但该函数仍然返回 false。
问题:我怎样才能克服这个问题。 flexi auth 文档没有提供这方面的任何细节。
根据 Flexi 授权文档:
The flexi auth library does not include any features to login via a third party api like Facebook, Twitter and OpenID.
但是我仿照 flexi_auth_model.php 中的 public function login($identity = FALSE, $password = FALSE, $remember_user = FALSE) 写了一个类似的函数来处理 Facebook 登录情况。
在这个函数中我删除了密码验证,因为 Facebook 登录没有密码。
我的代码如下所示:
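/**
 * Log in the local account that matches an e-mail address taken from a Facebook profile.
 *
 * Modelled on login(), with the password check removed. Nothing in this method
 * authenticates the caller: whoever supplies $fbprofiledata['email'] is logged in as
 * the account with that identity. The caller must therefore pass only profile data it
 * fetched itself, server-side, from Facebook with an access token it has validated --
 * never values read from request parameters or from the browser.
 *
 * NOTE(review): accounts are matched by e-mail only. Confirm that the address is one
 * Facebook reports as verified, and consider linking accounts on a stored Facebook
 * user id instead of the e-mail address.
 *
 * @param array|bool $fbprofiledata Facebook profile data; only the 'email' key is read.
 * @return bool TRUE when the login sessions were set, FALSE in every other case.
 */
public function facebooklogin($fbprofiledata = FALSE)
{
    // Facebook Email Or Facebook ID.
    // Fix: the original read the undefined variable $fb_fbprofiledata, so $identity was
    // always empty and the method could only return FALSE.
    $identity = (is_array($fbprofiledata) && isset($fbprofiledata['email'])) ? $fbprofiledata['email'] : FALSE;

    // Fix: the original wrote `this->` without the `$`, which is a parse error.
    if (empty($identity) || (!$identity = $this->get_primary_identity($identity)))
    {
        return FALSE;
    }

    $columns = $this->auth->database_config['user_acc']['columns'];

    $sql_select = array(
        $this->auth->primary_identity_col,
        $this->auth->tbl_col_user_account['id'],
        // NOTE(review): the password hash is never checked in this method; drop this
        // column if set_login_sessions() does not need it.
        $this->auth->tbl_col_user_account['password'],
        $this->auth->tbl_col_user_account['group_id'],
        $this->auth->tbl_col_user_account['activation_token'],
        $this->auth->tbl_col_user_account['active'],
        $this->auth->tbl_col_user_account['suspend'],
        $this->auth->tbl_col_user_account['last_login_date'],
        $this->auth->tbl_col_user_account['failed_logins'],
        $this->auth->tbl_col_user_account['uacc_type'],
    );

    $sql_where = array($this->auth->primary_identity_col => $identity);

    // Set any custom defined SQL statements.
    $this->flexi_auth_lite_model->set_custom_sql_to_db();

    $query = $this->db->select($sql_select)
        ->where($sql_where)
        ->get($this->auth->tbl_user_account);

    // Exactly one matching account is required; anything else is a failed login.
    if ($query->num_rows() != 1)
    {
        return FALSE;
    }

    $user = $query->row();

    // If an activation time limit is defined by config file and account hasn't been activated by email.
    if ($this->auth->auth_settings['account_activation_time_limit'] > 0 && !empty($user->{$columns['activation_token']}))
    {
        if (!$this->validate_activation_time_limit($user->{$columns['last_login_date']}))
        {
            $this->set_error_message('account_requires_activation', 'config');
            return FALSE;
        }
    }

    // Check whether account has been activated.
    if ($user->{$columns['active']} == 0)
    {
        $this->set_error_message('account_requires_activation', 'config');
        return FALSE;
    }

    // Check if account has been suspended.
    if ($user->{$columns['suspend']} == 1)
    {
        $this->set_error_message('account_suspended', 'config');
        return FALSE;
    }

    // The original wrapped the rest in `if ($identity)` under a "verify password" comment.
    // $identity is always truthy here, so nothing was verified and the `else if` that
    // counted failed attempts could never run; both have been removed.

    // Reset failed login attempts.
    if ($user->{$columns['failed_logins']} > 0)
    {
        $this->reset_login_attempts($identity);
    }

    // Set user login sessions.
    // NOTE(review): the TRUE argument presumably marks the session as
    // logged_in_via_password -- confirm. If so, every check that relies on
    // is_logged_in_via_password() treats a Facebook login like a password login.
    if ($this->set_login_sessions($user, TRUE))
    {
        // The original tested an undefined $remember_user here, so it always took the
        // branch that deletes existing 'Remember me' cookies; that behaviour is kept.
        $this->flexi_auth_lite_model->delete_remember_me_cookies();

        return TRUE;
    }

    return FALSE;
}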
PS:如果有人使用或认为会有安全漏洞,请评论。希望这对其他人也有帮助...
我在我的项目中使用 Flexi auth 用户身份验证库。现在客户想要Facebook、Twitter用户登录。我正在使用 facebook sdk 4 并且能够让用户通过 Facebook 登录。
但现在面临一个问题。每个控制器的构造函数中都会调用 is_logged_in_via_password() 函数。
我无法绕过这个功能。我试图在用户通过 facebook 登录后将会话值 is_logged_in_via_password 设置为 1。
但是在构造函数中,is_logged_in_via_password() 仍然返回 false。
使用 flexi auth 用户登录的会话是:
Array
(
[user_identifier] =xxxxxx@gmail.com
[user_id] = 255
[admin] =
[group] = Array
(
[5] = Employer Individual
)
[privileges] = Array
(
)
[logged_in_via_password] = 1
[login_session_token] => 805ad8cdfdfd49ad309dcc3837a762159e855c649
)
以及我在 facebook 登录后创建的会话:
Array
(
[user_identifier] =xxxxxx@gmail.com
[user_id] => 129
[admin] =>
[group] => Array
(
[5] => Employer Individual
)
[privileges] => Array
(
)
[logged_in_via_password] => 1
[login_session_token] => 8306cd89be76082caa0b15fd53a2b22f7965e6434
)
但该函数仍然返回 false。 问题:我怎样才能克服这个问题? flexi auth 文档没有提供这方面的任何细节。
根据 Flexi 授权文档:
The flexi auth library does not include any features to login via a third party api like Facebook, Twitter and OpenID.
但是我仿照 flexi_auth_model.php 中的 public function login($identity = FALSE, $password = FALSE, $remember_user = FALSE) 写了一个类似的函数来处理 Facebook 登录情况。
在这个函数中我删除了密码验证,因为 Facebook 登录没有密码。
我的代码如下所示:
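/**
 * Log in the local account that matches an e-mail address taken from a Facebook profile.
 *
 * Modelled on login(), with the password check removed. Nothing in this method
 * authenticates the caller: whoever supplies $fbprofiledata['email'] is logged in as
 * the account with that identity. The caller must therefore pass only profile data it
 * fetched itself, server-side, from Facebook with an access token it has validated --
 * never values read from request parameters or from the browser.
 *
 * NOTE(review): accounts are matched by e-mail only. Confirm that the address is one
 * Facebook reports as verified, and consider linking accounts on a stored Facebook
 * user id instead of the e-mail address.
 *
 * @param array|bool $fbprofiledata Facebook profile data; only the 'email' key is read.
 * @return bool TRUE when the login sessions were set, FALSE in every other case.
 */
public function facebooklogin($fbprofiledata = FALSE)
{
    // Facebook Email Or Facebook ID.
    // Fix: the original read the undefined variable $fb_fbprofiledata, so $identity was
    // always empty and the method could only return FALSE.
    $identity = (is_array($fbprofiledata) && isset($fbprofiledata['email'])) ? $fbprofiledata['email'] : FALSE;

    // Fix: the original wrote `this->` without the `$`, which is a parse error.
    if (empty($identity) || (!$identity = $this->get_primary_identity($identity)))
    {
        return FALSE;
    }

    $columns = $this->auth->database_config['user_acc']['columns'];

    $sql_select = array(
        $this->auth->primary_identity_col,
        $this->auth->tbl_col_user_account['id'],
        // NOTE(review): the password hash is never checked in this method; drop this
        // column if set_login_sessions() does not need it.
        $this->auth->tbl_col_user_account['password'],
        $this->auth->tbl_col_user_account['group_id'],
        $this->auth->tbl_col_user_account['activation_token'],
        $this->auth->tbl_col_user_account['active'],
        $this->auth->tbl_col_user_account['suspend'],
        $this->auth->tbl_col_user_account['last_login_date'],
        $this->auth->tbl_col_user_account['failed_logins'],
        $this->auth->tbl_col_user_account['uacc_type'],
    );

    $sql_where = array($this->auth->primary_identity_col => $identity);

    // Set any custom defined SQL statements.
    $this->flexi_auth_lite_model->set_custom_sql_to_db();

    $query = $this->db->select($sql_select)
        ->where($sql_where)
        ->get($this->auth->tbl_user_account);

    // Exactly one matching account is required; anything else is a failed login.
    if ($query->num_rows() != 1)
    {
        return FALSE;
    }

    $user = $query->row();

    // If an activation time limit is defined by config file and account hasn't been activated by email.
    if ($this->auth->auth_settings['account_activation_time_limit'] > 0 && !empty($user->{$columns['activation_token']}))
    {
        if (!$this->validate_activation_time_limit($user->{$columns['last_login_date']}))
        {
            $this->set_error_message('account_requires_activation', 'config');
            return FALSE;
        }
    }

    // Check whether account has been activated.
    if ($user->{$columns['active']} == 0)
    {
        $this->set_error_message('account_requires_activation', 'config');
        return FALSE;
    }

    // Check if account has been suspended.
    if ($user->{$columns['suspend']} == 1)
    {
        $this->set_error_message('account_suspended', 'config');
        return FALSE;
    }

    // The original wrapped the rest in `if ($identity)` under a "verify password" comment.
    // $identity is always truthy here, so nothing was verified and the `else if` that
    // counted failed attempts could never run; both have been removed.

    // Reset failed login attempts.
    if ($user->{$columns['failed_logins']} > 0)
    {
        $this->reset_login_attempts($identity);
    }

    // Set user login sessions.
    // NOTE(review): the TRUE argument presumably marks the session as
    // logged_in_via_password -- confirm. If so, every check that relies on
    // is_logged_in_via_password() treats a Facebook login like a password login.
    if ($this->set_login_sessions($user, TRUE))
    {
        // The original tested an undefined $remember_user here, so it always took the
        // branch that deletes existing 'Remember me' cookies; that behaviour is kept.
        $this->flexi_auth_lite_model->delete_remember_me_cookies();

        return TRUE;
    }

    return FALSE;
}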
PS:如果有人使用或认为会有安全漏洞,请评论。希望这对其他人也有帮助...