我目前使用Zend控制器插件来检查身份验证。 以下可能看起来很熟悉:
class SF_Plugin_Member_Auth extends Zend_Controller_Plugin_Abstract { public function preDispatch(Zend_Controller_Request_Abstract $request) { if (!SF_Auth::getInstance('Member')->hasIdentity()) { if ($request->getControllerName() !== 'auth' && $request->getControllerName() !== 'error') { $r = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector'); $r->gotoSimpleAndExit('login', 'auth', $request->getModuleName()); } } } }我不确定的是处理未经过身份验证的AJAX请求的最佳方式。 所以说有人试图使用通过AJAX发送的表单登录,Javascript应该如何知道它实际上需要将用户重定向到登录页面?
我的第一个想法是检查请求是否是一个AJAX请求,然后回显一个JSON对象,并提供将用户重定向到哪里的详细信息 - 然后,Javascript可以在返回的JSON对象中查找特定属性并使用该对象作为用户访问的“location.href”的URL。
上述有两个问题:
我不知道如何停止发送请求 - 如果是AJAX请求,我只想回显一个简单的JSON字符串。 它不像Zend般的做事方式。有没有人遇到过并解决了这种情况?
非常感谢,
詹姆士。
I'm currently using a Zend Controller Plugin to check authentication. The following probably looks familiar:
class SF_Plugin_Member_Auth extends Zend_Controller_Plugin_Abstract { public function preDispatch(Zend_Controller_Request_Abstract $request) { if (!SF_Auth::getInstance('Member')->hasIdentity()) { if ($request->getControllerName() !== 'auth' && $request->getControllerName() !== 'error') { $r = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector'); $r->gotoSimpleAndExit('login', 'auth', $request->getModuleName()); } } } }What I'm unsure of is the best way of dealing with an AJAX request that isn't authenticated. So say someone tries to login using a form that's sent over AJAX, how should the Javascript know that it actually needs to redirect the user to the login page?
My first thought is to check to see if the request is an AJAX request, and then echo out a JSON object with details of where to redirect the user to - the Javascript can then look for a particular property in the returned JSON object and use that as the URL to "location.href" the user to.
There are two problems with the above:
I'm not sure how to stop the request from being dispatched - all I want to do is echo out a simple JSON string if it's an AJAX request. It doesn't feel like a Zend-like way of doing things.Is there anyone out there who's hit upon and solved this very scenario?
Thanks very much,
James.
最满意答案
您可以在响应对象中设置json值,并正常地使用重定向器停止请求。
if (!SF_Auth::getInstance('Member')->hasIdentity()) { if ($request->getControllerName() !== 'auth' && $request->getControllerName() !== 'error') { if ($request->isXmlHttpRequest()) { $json = Zend_Json::encode(array('auth' => false, 'url' => 'http://foo.bar/login')); // Prepare response $this->getResponse() ->setHttpResponseCode(200) // Or maybe HTTP Status 401 Unauthorized ->setBody($json) ->sendResponse(); // redirectAndExit() cleans up, sends the headers and stopts the script Zend_Controller_Action_HelperBroker::getStaticHelper('redirector')->redirectAndExit(); } else { $r = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector'); $r->gotoSimpleAndExit('login', 'auth', $request->getModuleName()); } } }这将输出如下所示的内容:
{"auth":false,"url":"http:\/\/foo.bar\/login"}You can set your json values in the response object and gracefully stop the request with the redirector.
if (!SF_Auth::getInstance('Member')->hasIdentity()) { if ($request->getControllerName() !== 'auth' && $request->getControllerName() !== 'error') { if ($request->isXmlHttpRequest()) { $json = Zend_Json::encode(array('auth' => false, 'url' => 'http://foo.bar/login')); // Prepare response $this->getResponse() ->setHttpResponseCode(200) // Or maybe HTTP Status 401 Unauthorized ->setBody($json) ->sendResponse(); // redirectAndExit() cleans up, sends the headers and stopts the script Zend_Controller_Action_HelperBroker::getStaticHelper('redirector')->redirectAndExit(); } else { $r = Zend_Controller_Action_HelperBroker::getStaticHelper('redirector'); $r->gotoSimpleAndExit('login', 'auth', $request->getModuleName()); } } }This will output something like this:
{"auth":false,"url":"http:\/\/foo.bar\/login"}更多推荐
发布评论