Yii2 控制器不允许对访客用户执行其他操作

Question

我正在使用 Yii2 Advance 应用程序。我有SiteController.php，我有login、logout 和index 之类的操作。这里login 用于访客用户，index 和logout 用于登录用户。现在我又创建了一个名为reset 的操作来提供忘记密码功能。但每当我尝试调用 reset 操作时，它会将我重定向回登录页面。

以下是我的控制器：

namespace backend\controllers;

use Yii;
use yii\filters\AccessControl;
use yii\web\Controller;
use common\models\LoginForm;
use yii\filters\VerbFilter;

/**
 * Site controller
 */
class SiteController extends Controller {

    /**
     * @inheritdoc
     */
    public function behaviors() {
        return [
            'access' => [
                'class' => AccessControl::className(),
                'rules' => [
                    [
                        'actions' => ['login', 'error'],
                        'allow' => true
                    ],
                    [
                        'actions' => ['logout', 'index'],
                        'allow' => true,
                        'roles' => ['@'],
                    ],
                    [
                        'allow' => true,
                        'actions' => ['reset'],
                        'roles' => ['?'],
                    ],
                ],
            ],
            'verbs' => [
                'class' => VerbFilter::className(),
                'actions' => [
                    'logout' => ['post', 'get'],
                ],
            ],
        ];
    }

    /**
     * @inheritdoc
     */
    public function actions() {
        return [
            'error' => [
                'class' => 'yii\web\ErrorAction',
            ],
        ];
    }

    public function actionIndex() {
        return $this->render('index');
    }

    public function actionLogin() {
        $this->layout = 'guest';

        if (!\Yii::$app->user->isGuest) {
            return $this->goHome();
        }

        $model = new LoginForm();

        if ($model->load(Yii::$app->request->post()) && $model->login()) {
            return $this->goBack();
        } else {
            return $this->render('login', [
                        'model' => $model,
            ]);
        }
    }

    public function actionLogout() {
        Yii::$app->user->logout();
        return $this->goHome();
    }

    public function actionReset() {        
        return $this->render('reset');
    }

}

我已经为它添加了正确的roles & behaviours，但它仍然无法正常工作。我也尝试添加更多操作，但实际上它不允许我呈现除登录之外的任何其他操作。

任何帮助将不胜感激。

Answer 1

自己解决了:)

vendor/yiisoft/yii2/web/Controller.php 中有条件，即

if($this->action->id != 'login') { .. }

我把它改成了

if($this->action->id != 'login' && $this->action->id != 'reset') { .. }

即

public function beforeAction($action)
{ 
    // If user is guest then redirect to login page
    if($this->action->id != 'login' && $this->action->id != 'reset') {
        if(!isset($_SESSION['__id'])) {
           $this->redirect(array('site/login'));   
       }
    }
    if (parent::beforeAction($action)) {
        if ($this->enableCsrfValidation && Yii::$app->getErrorHandler()->exception === null && !Yii::$app->getRequest()->validateCsrfToken()) {
            throw new BadRequestHttpException(Yii::t('yii', 'Unable to verify your data submission.'));
        }
        return true;
    } else {
        return false;
    }
}

它的工作原理。

Answer 2

试试这个：

<?php
namespace backend\controllers;

use Yii;
use yii\web\Controller;
use yii\filters\VerbFilter;
use yii\filters\AccessControl;
use common\models\LoginForm;

    class SiteController extends Controller
    {
        /**
         * @inheritdoc
         */
        public function behaviors()
        {
            return [
                'access' => [
                    'class' => AccessControl::className(),
                    'rules' => [
                        [
                            'actions' => ['login', 'error', 'reset'],
                            'allow' => true,
                        ],
                        [
                            'actions' => ['logout', 'index'],
                            'allow' => true,
                            'roles' => ['@'],
                        ],

                    ],
                ],
                'verbs' => [
                    'class' => VerbFilter::className(),
                    'actions' => [
                        'logout' => ['post'],
                    ],
                ],
            ];
        }

 /**
     * @inheritdoc
     */
    public function actions()
    {
        return [
            'error' => [
                'class' => 'yii\web\ErrorAction',
            ],
        ];
    }
       public function actionReset(){
            //die('You are here');
            return $this->render('reset');
        }

    ...
    }

我的重置视图代码：

<?php

/* @var $this yii\web\View */
/* @var $name string */
/* @var $message string */
/* @var $exception Exception */

use yii\helpers\Html;

$this->title = "Reset";
?>
<div class="site-index">

    <h1><?= Html::encode($this->title) ?></h1>

    <div class="alert alert-success">
        Hi here you are without login
    </div>


</div>