通过CURL连接到Symfony应用程序 [英] Connect to a Symfony application through CURL

问题描述

我有一个在Symfony中构建的应用程序.我在PHP中有另一个应用程序，试图检查当前用户在Symfony应用程序中是否有任何帐户并对其进行身份验证以获取PHPSessionID?在这种情况下，我使用 CURL 命令，如下所示.用户名和密码正确无误，但symfony应用程序仍将我重定向到登录页面.有人知道我该如何解决吗?

I have an application built in Symfony. I have another application in PHP and trying to check if the current user has any account in the Symfony application and authenticate him to obtain the PHPSessionID? In this case I use CURL command as below. How ever the username and password is correct but still the symfony application redirect me to the login page. Does anybody know how can I fix this?

$cred_data = array('_username' => 'test1', '_password' => '123', '_target_path' => 'http://symfonyappdomain/Symfony/web/app_dev.php/Acme/HomePage');
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, 'http://symfonyappdomain/Symfony/web/app_dev.php/Acme/login_check');
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, http_build_query($cred_data));
curl_setopt($ch, CURLOPT_RETURNTRANSFER, true);
curl_setopt($ch, CURLOPT_COOKIESESSION, true);
curl_setopt($ch, CURLOPT_HEADER, true);
curl_setopt($ch, CURLOPT_FOLLOWLOCATION, true);
curl_setopt($ch, CURLOPT_FRESH_CONNECT, true);
$result = curl_exec($ch);

欣赏

推荐答案

最后，我可以解决此问题.为了通过另一个应用程序对用户进行身份验证，我们需要使用form_login在 security.yml 中创建另一个具有不同模式的防火墙，但是需要禁用 required_previous_session ，请检查以下内容:

Finally I could fix this issue. In order to authenticate a user through another app we need to create another firewall in security.yml with different pattern using form_login but required_previous_session needs to be disabled, check this:

app_auth:
    pattern: ^acme/auth/application
    form_login:
        provider: same_provider_name #or use different provider
        login_path: /acme/auth/application/login
        check_path: /acme/auth/application/login_check
        require_previous_session: false
    anonymous: true
    context: my_shared_context_name

main_auth:
    pattern:     ^/acme
    form_login:  
        provider: same_provider_name #or use a different provider
        login_path: /acme/login
        check_path: /acme/login_check
    logout:
    path:   /acme/logout
    target: /acme
    security: true
    context: my_shared_context_name

请注意，每个防火墙的上下文必须相同，否则您将无法在两个防火墙中使用相同的SessionID.
我想可以仅在主防火墙中使用* required_previous_session *而不创建另一个防火墙，但是我没有尝试(因为我不确定，我认为从外部使用单独的防火墙进行身份验证更加安全)

Please pay attention to that the context of each firewall needs to be same otherwise you won't be able to use same SessionID in both firewall.
I guess it is possible to use *required_previous_session* just in the main firewall and not to create another firewall, but I did not try (because I am not sure and I think it's much more secured to have separate firewall for authentication from outside)

这篇关于通过CURL连接到Symfony应用程序的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！