是否存在任何形式的“预登录"?事件还是类似事件? [英] Is there any sort of "pre login" event or similar?
问题描述
在检查用户凭据是否正确之前,我需要运行一些代码.目前,我正在使用自定义事件侦听器来实现此目的,该事件侦听器将在kernel.request
事件上触发并检查所请求的URL是否与security.yml的check_path
设置匹配.但这是低效率的,因为它会在每个请求上运行.我知道onSecurityInteractiveLogin
事件,但是我相信在成功登录后该事件会触发.有人知道是否有预登录事件,或者我自己可以在哪里调度自定义事件?
I need to run some code prior to checking if a user's credentials are correct. Currently I'm achieving this with a custom event listener that fires on the kernel.request
event and checks if the requested URL matches security.yml's check_path
setting. But this is inefficient since it runs on every request. I'm aware of the onSecurityInteractiveLogin
event, but I believe that fires after a successful login attempt. Does anyone know if there's a pre login event, or where I could dispatch a custom event myself?
推荐答案
因此,没有官方"登录前事件.但值得庆幸的是,由于Symfony2如此可扩展,因此设置起来并不难.诀窍是使用您自己的服务来处理身份验证.
So, there's no 'official' pre-login event. But thankfully it's not hard to set one up since Symfony2 is so extendable. The trick is to use your own service to handle authentication.
Symfony在使用登录表单时使用此类:
Symfony uses this class when using a login form:
Symfony\Component\Security\Http\Firewall\UsernamePasswordFormAuthenticationListener
如果覆盖security.authentication.listener.form.class
参数(最初在Symfony\Bundle\SecurityBundle\Resources\config\security_listeners.xml
中定义),则可以使用扩展UsernamePasswordFormAuthenticationListener
的自定义侦听器.
If you override the security.authentication.listener.form.class
parameter (originally defined in Symfony\Bundle\SecurityBundle\Resources\config\security_listeners.xml
) you can use a custom listener that extends UsernamePasswordFormAuthenticationListener
.
剩下要做的就是覆盖attemptAuthentication()
方法以调度自定义事件.
All that's left to do is override the attemptAuthentication()
method to dispatch the custom event.
(实际上,您还需要将事件分发程序存储为__construct()
中的类属性)
(Actually you also need to store the event dispatcher as a class property in __construct()
)
此方法应与其他身份验证方法一起使用-您所需要做的就是修改适当的侦听器(即BasicAuthenticationListener
,X509AuthenticationListener
等)
This method should work with other authentication methods - all you'd need to do is modify the appropriate listener (ie BasicAuthenticationListener
, X509AuthenticationListener
, etc.)
这篇关于是否存在任何形式的“预登录"?事件还是类似事件?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!