如何调试(和修复)Symfony2 | 3路由? [英] How to debug (and fix) Symfony2|3 routes?
问题描述
我在Symfony 2.8应用程序的app/config/routing.yml处定义了以下路由:
I have this routes defined at app/config/routing.yml in a Symfony 2.8 app:
platform_chat:
resource: "@PlatformChatBundle/Controller/"
type: annotation
prefix: /chat
platform_admin:
resource: "@PlatformAdminBundle/Controller/"
type: annotation
prefix: /admin
#----> this is part of routing.yml but I forgot to add it
easy_admin_bundle:
resource: "@PlatformAdminBundle/Controller/AdminController.php"
type: annotation
prefix: /admin
#FOSUser
fos_user:
resource: "@FOSUserBundle/Resources/config/routing/all.xml"
您可能已经注意到PlatformAdminBundle是后端,而PlatformChatBundle是前端.考虑到这一点,我尝试设置并为两者使用一个防火墙,然后在security.interactive_login事件上重定向到正确的path | path.这是防火墙的样子:
As you may already notice PlatformAdminBundle is the backend and PlatformChatBundle is the frontend. Having that in mind I am tryin to setuo and use one firewall for both and then on security.interactive_login event redirect to right route|path. This is how the firewall looks like:
security:
...
role_hierarchy:
ROLE_CHATTER: ROLE_USER
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
...
firewalls:
...
ignored:
pattern: ^/(login(_check)?|logout|resetting)$
security: false
global:
pattern: ^/admin/(.*)|^/chat/(.*)
provider: fos_userbundle
form_login:
csrf_provider: security.csrf.token_manager
login_path: fos_user_security_login
check_path: fos_user_security_check
# if true, forward the user to the login form instead of redirecting
use_forward: true
# login success redirecting options (read further below)
always_use_default_target_path: true
default_target_path: /admin
target_path_parameter: _target_path
use_referer: true
remember_me: true
logout: ~
remember_me:
secret: '%secret%'
lifetime: 604800 # 1 week in seconds
path: /
access_control:
- { path: ^/chat/, role: ROLE_CHATTER }
- { path: ^/admin/, role: ROLE_ADMIN }
但是它不起作用,因为当我尝试以任一用户身份登录时,都会出现以下错误:
But it's not working because when I try to login as either user I end with this error:
您必须在安全防火墙配置中使用form_login配置要由防火墙处理的检查路径.
You must configure the check path to be handled by the firewall using form_login in your security firewall configuration.
这让我认为路由或防火墙配置不正确.我已经检查了调试工具栏下的路由,但没有匹配项,因此它们是错误完整的.我已经在此处阅读了文档,但这根本没有帮助,我也没有解决问题的方法.您可以将此帖子作为
Which makes me think that routes or firewall aren't properly configured. I have checked the routes under debug toolbar and none matches so they are wrong complete. I have read docs here but it's not helpful at all and I am not getting the fix for the problem. You can take this post as a second part of this one but I don't want to change the topic of the old one and neither the content because I think it will be helpful on the future for somebody else. So, any advice guys? What would you debug this kind of issues related to routes? Any fix for my particular problem? I am really stuck here!
更新
我已经按照@xabbuh的建议进行了更改,所以现在app/config/routing.yml看起来像这样:
I have made the changes as @xabbuh suggested so now app/config/routing.yml looks like:
platform_chat:
resource: "@PlatformChatBundle/Controller/"
type: annotation
prefix: /chat
options:
expose: true
platform_admin:
resource: "@PlatformAdminBundle/Controller/"
type: annotation
prefix: /admin
options:
expose: true
#EasyAdminBundle
easy_admin_bundle:
resource: "@PlatformAdminBundle/Controller/AdminController.php"
type: annotation
prefix: /admin
options:
expose: true
#FOSUser
fos_user:
resource: "@FOSUserBundle/Resources/config/routing/all.xml"
#FOSUser Groups
fos_user_group:
resource: "@FOSUserBundle/Resources/config/routing/group.xml"
prefix: /group
#FOSJsRouting
fos_js_routing:
resource: "@FOSJsRoutingBundle/Resources/config/routing/routing.xml"
和``看起来像:
security:
...
firewalls:
...
global:
pattern: /
anonymous: true
provider: fos_userbundle
form_login:
csrf_provider: security.csrf.token_manager
login_path: fos_user_security_login
check_path: fos_user_security_check
use_forward: true # if true, forward the user to the login form instead of redirecting
always_use_default_target_path: true # login success redirecting options (read further below)
default_target_path: /admin
target_path_parameter: _target_path
use_referer: true
remember_me: true
logout: ~
remember_me:
secret: '%secret%'
lifetime: 604800 # 1 week in seconds
path: /
access_control:
- { path: ^/chat/, role: ROLE_CHATTER }
- { path: ^/admin/, role: ROLE_ADMIN }
清除缓存后,这是我的尝试和结果:
after clear the cache here are my tries and results:
- 以
ROL_CHATTER身份登录:我将按预期方式进入http://domain.tld/app_dev.php/chat/,我得到登录表单并使用有效的凭据获得以下消息:访问被拒绝.你是CHATTER .这是正确的,因为我在security.interactive_login上有一个侦听器,这就是用户使用这些凭据登录时所做的事情. - 以
ROL_ADMIN身份登录:我将按预期方式进入http://domain.tld/app_dev.php/admin/,我得到登录表单并使用有效的凭据获得以下消息:错误的凭据.这是错误的,因为凭据是有效的,并且至少我应该收到另一条消息(访问被拒绝.您是ADMIN ),因为security.interactive_login上的侦听器有效,但正如我所说的,这不是正在发生的情况.
- Login as
ROL_CHATTER: I am going tohttp://domain.tld/app_dev.php/chat/as expected I get the login form and using valid credentials I get the following message: Access Denied. You are CHATTER. This is right because I have a listener onsecurity.interactive_loginand that is what I am doing when user login with those creds. - Login as
ROL_ADMIN: I am going tohttp://domain.tld/app_dev.php/admin/as expected I get the login form and using valid credentials I get the following message: Bad credentials. This is wrong because credentials are valid and at least I should get another message (Access Denied. You are ADMIN) because the listener onsecurity.interactive_loginbut as I said this is not what is happening.
Info related to the listener is on this post. What's wrong?
推荐答案
您的问题是用于匹配对global防火墙的请求的正则表达式为/admin/(.*)|^/chat/(.*),但是您的检查路径为/login_check.如您所见,防火墙无法匹配该路径,从而导致您发布错误消息.
Your issue is that the regex used to match requests for the global firewall is /admin/(.*)|^/chat/(.*), but your check path is /login_check. As you can see that path would not be matched by your firewall which leads to the error message you posted.
如果我是您,我只需将防火墙放在与登录相关的内容之前,然后将global防火墙的正则表达式更改为/.然后,您只需添加anonymous: true,以便未登录的用户可以访问登录表单.您的访问控制部分仍将拒绝访问您的保护区.
If I were you, I would simply drop the firewall fore the login related stuff and change the regex for the global firewall to /. You would then only have to add anonymous: true so that users that are not logged in would be able to access the login form. Access to your protected areas would still be denied by your access control section.
这篇关于如何调试(和修复)Symfony2 | 3路由?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
