CakePHP 3.6更新后的无限登录循环

编程入门行业动态更新时间:2024-10-27 19:29:55

本文介绍了CakePHP 3.6更新后的无限登录循环的处理方法，对大家解决问题具有一定的参考价值，需要的朋友们下面随着小编来一起学习吧！问题描述

。当我使用URL / manager / login（对应于LoginController，Managerr前缀）登录时，一切正常。

in my application, based on CakePHP, I'm using. When I'm logging in using the URL /manager/login (corresponding to LoginController, Managerr prefix) everything is OK.

当我注销或使用时/ manager结果如下：

When I logout or I use /manager the result is the following:

/manager/login?redirect=%2Fmanager%2Flogin%3Fredirect%3D%252Fmanager%252Flogin%253Fredirect%253D%25252Fmanager%25252Flogin%25253Fredirect%25253D%2525252Fmanager%2525252Flogin%2525253Fredirect%2525253D%252525252Fmanager%252525252Flogin%252525253Fredirect%252525253D%25252525252Fmanager%25252525252Flogin%25252525253Fredirect%25252525253D%2525252525252Fmanager%2525252525252Flogin%2525252525253Fredirect%2525252525253D%252525252525252Fmanager%252525252525252Flogin%252525252525253Fredirect%252525252525253D%25252525252525252Fmanager%25252525252525252Flogin%25252525252525253Fredirect%25252525252525253D%2525252525252525252Fmanager%2525252525252525252Flogin%2525252525252525253Fredirect%2525252525252525253D%252525252525252525252Fmanager%252525252525252525252Flogin%252525252525252525253Fredirect%252525252525252525253D%25252525252525252525252Fmanager%25252525252525252525252Flogin%25252525252525252525253Fredirect%25252525252525252525253D%2525252525252525252525252Fmanager%2525252525252525252525252Flogin%2525252525252525252525253Fredirect%2525252525252525252525253D%252525252525252525252525252Fmanager%252525252525252525252525252Flogin%252525252525252525252525253Fredirect%252525252525252525252525253D%25252525252525252525252525252Fmanager%25252525252525252525252525252Flogin%25252525252525252525252525253Fredirect%25252525252525252525252525253D%2525252525252525252525252525252Fmanager%2525252525252525252525252525252Flogin%2525252525252525252525252525253Fredirect%2525252525252525252525252525253D%252525252525252525252525252525252Fmanager%252525252525252525252525252525252Flogin%252525252525252525252525252525253Fredirect%252525252525252525252525252525253D%25252525252525252525252525252525252Fmanager%25252525252525252525252525252525252Flogin%25252525252525252525252525252525253Fredirect%25252525252525252525252525252525253D%2525252525252525252525252525252525252Fmanager%2525252525252525252525252525252525252Flogin%2525252525252525252525252525252525253Fredirect%2525252525252525252525252525252525253D%252525252525252525252525252525252525252Fmanager%252525252525252525252525252525252525252Fprofile

在查询字符串无限循环并且服务器返回404.15错误。

An infinite loop in query string and the server return a 404.15 error.

3.5中使用的配置相同

Same configuration used in 3.5

$this->loadComponent('Auth', [ 'fields' => [ 'username' => 'email', 'password' => 'password' ], 'loginAction' => [ 'prefix' => 'manager', 'controller' => 'Login', 'action' => 'index', 'plugin' => false ], 'loginRedirect' => [ 'prefix' => 'manager', 'controller' => 'Managers', 'action' => 'index', 'plugin' => false ], 'logoutRedirect' => [ 'prefix' => 'manager', 'controller' => 'Login', 'action' => 'index', 'plugin' => false ], 'authenticate' => [ 'Form' => [ 'passwordHasher' => [ 'className' => 'DressFinder' ], 'fields' => [ 'username' => 'email', 'password' => 'password' ], 'userModel' => 'Managers' ] ], 'authError' => __('You are not authorized to access that location.'), 'storage' => [ 'className' => 'Session', 'key' => 'Auth.Managers' ] ]);

未更改任何路由，并且在没有前缀的控制器中，登录/登录操作有效。

No routes has been changed, and in controller without prefixes the login/logut actions work.

感谢您的帮助。

推荐答案

那是一个错误，身份验证组件进行了比较使用当前URL的登录操作包括查询字符串参数，这会导致不匹配，将用户视为未经身份验证的用户，从而触发重定向到登录操作的操作，然后该操作再次开始。

That's a bug, the authentication component compares the login action with the current URL including the query string argument, which causes a mismatch, treating the user as unauthenticated, and thus triggering a redirect to the login action, where the same procedure then starts again.

此问题将在3.6.1中修复，如果您迫不及待，请手动应用补丁，直到新版本可用为止。

This will be fixed in 3.6.1, if you cannot wait, apply the patch manually until the new version is available.

请参阅