yii2.0權限控制 ACF權限--登陸驗證

ACF是一種經過yii\filters\AccessControl類來實現的簡單受權

通常在控制器中咱們調用以下：
打開backend\controller\SiteController.php 咱們看到這樣一段代碼

public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'actions' => ['login', 'error'],
'allow' => true,
],
[
'actions' => ['logout', 'index'],
'allow' => true,
'roles' => ['@'],
],
],
],
'verbs' => [
'class' => VerbFilter::className(),
'actions' => [
'logout' => ['post'],
],
],
];
}

幾個必須到配置：
一、配置驗證類User

'user' => [
'identityClass' => 'common\models\Usermember',
'enableAutoLogin' => true,
'identityCookie' => ['name' => '_identity-frontend', 'httpOnly' => true],
'loginUrl'=>'/public/login'
],

二、繼承IdentityInterface接口
通常來講，從數據庫查找數據，只須要繼承AR類便可，可是，咱們這個是用戶登陸模型，核心是驗證，因此天然須要實現核心的驗證功能，就像LoginForm模型提到的validatePassword同樣，實際的驗證邏輯是在當前的User模型完成的。通常來講，實現IdentityInterface接口，須要實現如下方法：

public static function findIdentity($id); //①

public static function findIdentityByAccessToken($token, $type = null);   //②

public function getId();    //③

public function getAuthKey();   //④

public function validateAuthKey($authKey);    //⑤

三、登陸到login()作相關調用驗證：

public function login()
{
if ($this->validate()) {
if($this->rememberMe)
{
$this->_user->generateAuthKey();//③
}
return Yii::$app->user->login($this->getUser(), $this->rememberMe ? 36002430 : 0);
}
return false;
}

四、對用到控制器類作配置

/**

• {@inheritdoc}*/public function behaviors(){return ['access' => ['class' => AccessControl::className(),'only' => ['userhome', 'signup'],'rules' => [['actions' => ['','signup'],'allow' => true,'roles' => ['?'],],['actions' => ['userhome'],'allow' => true,'roles' => ['@'],],],],'verbs' => ['class' => VerbFilter::className(),'actions' => ['logout' => ['post'],],],];}