将重置密码移动到后端,Yii2
问题描述:
I have user authorization on backend only (for admins) and I am trying to move password reset function to backend.
\backend\views\site\login.php
<?php $form = ActiveForm::begin(['id' => 'login-form']); ?>
//fields for username and password
<div class="form-group">
<?= Html::submitButton('Login', ['class' => 'btn btn-primary', 'name' => 'login-button']) ?>
</div>
<?php ActiveForm::end(); ?>
<div style="color:#999;margin:1em 0">
If you forgot your password you can <?= Html::a('reset it', ['request-password-reset']) ?>.
</div>
\backend\controllers\SiteController.php
public function actionLogin()
{
if (!\Yii::$app->user->isGuest) {
return $this->goHome();
}
$model = new LoginForm();
if ($model->load(Yii::$app->request->post()) && $model->login()) {
return $this->goBack();
} else {
//enters here instead
return $this->render('login', [
'model' => $model,
]);
}
}
public function actionRequestPasswordReset()
{
//not entering here
$model = new PasswordResetRequestForm(); //placed in \common\models
if ($model->load(Yii::$app->request->post()) && $model->validate()) {
if ($model->sendEmail()) {
Yii::$app->session->setFlash('success', 'Check your email for further instructions.');
return $this->goHome();
} else {
Yii::$app->session->setFlash('error', 'Sorry, we are unable to reset password for email provided.');
}
}
return $this->render('requestPasswordResetToken', [
'model' => $model,
]);
}
The problem is when I click reset it the site redirects me to login.php again, so actionRequestPasswordReset() is not fired. Im new to Yii and would appreciate any help.
答
Update your controller's Access Control Filter to permit users who haven't logged in to access requestPasswordReset:
public function behaviors()
{
return [
'access' => [
'class' => AccessControl::className(),
'rules' => [
[
'actions' => ['request-password-reset'],
'allow' => true,
'roles' => ['?'],
],
...