在哨兵2身份验证过程中添加更多约束 [英] Adding more constrain in sentry 2 authentication processs

问题描述

您是否有任何想法，如何在哨兵2进行身份验证时添加更多约束，我有一个公司表，并且用户属于公司，并且如果该公司被禁用(将active设置为0以将其标记为Disabled)在公司表中)，则用户应该无法登录.

Do you have any ideas, how to add some more constrain while authentication in sentry 2, I have a company table and users belongs to a company, and if the company is disabled(set the active to 0 to mark it as disabled in the company table) then the user should not be able to login.

简而言之，在登录某些用户时，它应该检查他们所属的公司，并检查它是否处于活动状态，否则请不要登录或抛出异常.

In short while logging some users it should check for the company they belongs to and check if it is active or not, if not then do not log them in or throw an exception.

...如果您对此有任何了解，请提供帮助.谢谢:)

...Please help if u have any idea about it. Thanks :)

推荐答案

您可以保持简单，而无需更改哨兵2代码.

You can keep it simple without changing the sentry 2 code.

try
{
    $user = Sentry::authenticate($credentials, false);
    if ($user->company->active == 0)
    {
        Sentry::logout();
        // Redirect to login page with the proper flash message
    }
}
catch (Cartalyst\Sentry\Users\LoginRequiredException $e)
{
}
... other catches

更新 如果需要，可以为Sentry2创建自己的服务提供商.注册类时，可以注册扩展\ Cartalyst \ Sentry \ Sentry类并覆盖login()方法的类.

Update If you want, you can create your own service provider for Sentry2. When registering classes, you can register a class that extends the \Cartalyst\Sentry\Sentry class and override the login() method.

您的代码如下所示:

public function login(UserInterface $user, $remember = false)
{
    if ( ! $user->isActivated())
    {
        $login = $user->getLogin();
        throw new UserNotActivatedException("Cannot login user [$login] as they are not activated.");
    }

    // you can create this method in your company model
    if ($user->company->isDisabled()) 
    {
        throw new CompanyDisabledException("... message ...");
    }


    $this->user = $user;

    // Create an array of data to persist to the session and / or cookie
    $toPersist = array($user->getId(), $user->getPersistCode());

    // Set sessions
    $this->session->put($toPersist);

    if ($remember)
    {
        $this->cookie->forever($toPersist);
    }

    // The user model can attach any handlers
    // to the "recordLogin" event.
    $user->recordLogin();
}

这篇关于在哨兵2身份验证过程中添加更多约束的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！