是否存在任何形式的“预登录"?事件还是类似事件? [英] Is there any sort of "pre login" event or similar?

问题描述

在检查用户凭据是否正确之前，我需要运行一些代码.目前，我正在使用自定义事件侦听器来实现此目的，该事件侦听器将在kernel.request事件上触发并检查所请求的URL是否与security.yml的check_path设置匹配.但这是低效率的，因为它会在每个请求上运行.我知道onSecurityInteractiveLogin事件，但是我相信在成功登录后该事件会触发.有人知道是否有预登录事件，或者我自己可以在哪里调度自定义事件?

I need to run some code prior to checking if a user's credentials are correct. Currently I'm achieving this with a custom event listener that fires on the kernel.request event and checks if the requested URL matches security.yml's check_path setting. But this is inefficient since it runs on every request. I'm aware of the onSecurityInteractiveLogin event, but I believe that fires after a successful login attempt. Does anyone know if there's a pre login event, or where I could dispatch a custom event myself?

推荐答案

因此，没有官方"登录前事件.但值得庆幸的是，由于Symfony2如此可扩展，因此设置起来并不难.诀窍是使用您自己的服务来处理身份验证.

So, there's no 'official' pre-login event. But thankfully it's not hard to set one up since Symfony2 is so extendable. The trick is to use your own service to handle authentication.

Symfony在使用登录表单时使用此类:

Symfony uses this class when using a login form:

Symfony\Component\Security\Http\Firewall\UsernamePasswordFormAuthenticationListener

如果覆盖security.authentication.listener.form.class参数(最初在Symfony\Bundle\SecurityBundle\Resources\config\security_listeners.xml中定义)，则可以使用扩展UsernamePasswordFormAuthenticationListener的自定义侦听器.

If you override the security.authentication.listener.form.class parameter (originally defined in Symfony\Bundle\SecurityBundle\Resources\config\security_listeners.xml) you can use a custom listener that extends UsernamePasswordFormAuthenticationListener.

剩下要做的就是覆盖attemptAuthentication()方法以调度自定义事件.

All that's left to do is override the attemptAuthentication() method to dispatch the custom event.

(实际上，您还需要将事件分发程序存储为__construct()中的类属性)

(Actually you also need to store the event dispatcher as a class property in __construct())

此方法应与其他身份验证方法一起使用-您所需要做的就是修改适当的侦听器(即BasicAuthenticationListener，X509AuthenticationListener等)

This method should work with other authentication methods - all you'd need to do is modify the appropriate listener (ie BasicAuthenticationListener, X509AuthenticationListener, etc.)

这篇关于是否存在任何形式的“预登录"?事件还是类似事件?的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！