php Yii2 需要所有 Controller 和 Action 登录
声明:本页面是StackOverFlow热门问题的中英对照翻译,遵循CC BY-SA 4.0协议,如果您需要使用它,必须同样遵循CC BY-SA许可,注明原文地址和作者信息,同时你必须将它归于原作者(不是我):StackOverFlow
原文地址: http://stackoverflow.com/questions/30067849/
Warning: these are provided under cc-by-sa 4.0 license. You are free to use/share it, But you must attribute it to the original authors (not me):
StackOverFlow
Yii2 require all Controller and Action to login
提问by Ngoun Thavy
In my sitecontroller I write like this
在我的站点控制器中,我是这样写的
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'actions' => ['login', 'error'],
'allow' => true,
],
[
'actions' => ['logout', 'index' ,'call-back'], // add all actions to take guest to login page
'allow' => true,
'roles' => ['@'],
],
],
],
so If I go to index or call-back action,I'll redirected to login page. but I have to do it for all action to each controller. Could you tell me the best way to do it?
所以如果我去索引或回调操作,我会重定向到登录页面。但我必须为每个控制器的所有操作都这样做。你能告诉我最好的方法吗?
回答by arogachev
Place this rule in the beginning of the rulessection:
将此规则放在本rules节的开头:
[
'allow' => true,
'roles' => ['@'],
],
Omitting the actionsmeans all actions.
省略actions意味着所有动作。
So your AccessControlconfig will be like this:
所以你的AccessControl配置将是这样的:
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'allow' => true,
'roles' => ['@'],
],
// ...
],
],
];
}
Keep in mind that rules are applied in order they are declared.
请记住,规则是按照声明的顺序应用的。
To do it globally without inheritance, add the as beforeRequestarray below (not inside!) the componentsdeclaration in your application config:
要在没有继承的情况下全局执行此操作,请在应用程序配置中添加as beforeRequest下面的数组(不在内部!)components声明:
'components' => [ ... ],
'as beforeRequest' => [
'class' => 'yii\filters\AccessControl',
'rules' => [
[
'allow' => true,
'actions' => ['login'],
],
[
'allow' => true,
'roles' => ['@'],
],
],
'denyCallback' => function () {
return Yii::$app->response->redirect(['site/login']);
},
],
This code will run before each request and block all actions except loginfor guests.
此代码将在每个请求之前运行并阻止除login来宾之外的所有操作。
Make sure that there is no loginaction in other controllers than SiteController. If there are (and for example they are for different purposes), block them explicitly in according controllers. But it's pretty rare case.
确保login除了SiteController. 如果有(例如它们用于不同目的),请在相应的控制器中明确阻止它们。但这是非常罕见的情况。
回答by Ravindra Bhalothia
If you want to add access control to all your controller actions. Please add below code in main config file under components section.
如果您想为所有控制器操作添加访问控制。请在组件部分下的主配置文件中添加以下代码。
'as access' => [
'class' => \yii\filters\AccessControl::className(),//AccessControl::className(),
'rules' => [
[
'actions' => ['login', 'error'],
'allow' => true,
],
[
'actions' => ['logout', 'index'], // add all actions to take guest to login page
'allow' => true,
'roles' => ['@'],
],
],
],
回答by Blizz
If you omit the "actions"-part from the array completely, it will be valid for all the actions of the controller.
如果actions从数组中完全省略“ ”部分,它将对控制器的所有操作有效。
If you want to do it for every controller, just add a layer in between:
如果你想为每个控制器都这样做,只需在两者之间添加一个层:
class MyAccessController extends \yii\web\Controller
{
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'actions' => ['login', 'error'],
'allow' => true,
],
[
'allow' => true,
'roles' => ['@'],
],
],
];
}
}
And then derive your controllerfrom that class.
Or you can put it in a traitand use add it with a usein each controller.
然后controller从那个类派生你。或者你可以把它放在 a 中trait并use在每个控制器中使用 add 它。
回答by vijay nathji
Try this in following file.
在以下文件中试试这个。
frontend/config/main.php
components =>[ your stuff ],
'as beforeRequest' =>
[
'class' => 'yii\filters\AccessControl',
'rules' => [
[
'actions' => ['login', 'error'],
'allow' => true,
],
[
'allow' => true,
'roles' => ['@'],
],
],
],
