Silex/Symfony 安全防火墙访问安全区域外的用户令牌 [英] Silex/Symfony Security Firewall Access user token outside the secured area
问题描述
我使用 Silex 和 SecurityProvider,我的防火墙:
I use Silex and the SecurityProvider, my firewall :
$app->register(new Silex\Provider\SecurityServiceProvider(), array(
'security.firewalls' => array(
'user' => array(
'pattern' => '^/user/',
'form' => array(
'login_path' => '/connexion',
'check_path' => '/user/login_check',
'default_target_path' => 'homepage_user'
),
'logout' => array('logout_path' => '/user/deconnexion')
...
)
)
));
它有效!但是我没有找到任何方法来访问模板中的用户对象,symfony synthax 不起作用:
It works ! But I didn't find any way to access to the user object in the template, the symfony synthax doesn't work :
{{ app.user }}
所以我在 Twig 中添加了一个新的全局变量:
So I add a new global in Twig like this :
$app['twig'] = $app->share($app->extend('twig', function($twig, $app) {
$token = $app['security']->getToken();
$user = ($token === null) ? null : $token->getUser();
$twig->addGlobal('user', $user);
return $twig;
}));
它有效但不在安全区域外:$token 为空
It works but not outside the secured area: $token is null
我的问题很简单:如何访问安全区域外的用户?
My question is simple : How can I access to the user outside of the secured area ?
谢谢
我尝试添加一个匿名 = true 的防火墙,如下所示:
I tried to add a firewall with anonymous = true, like this :
$app->register(new Silex\Provider\SecurityServiceProvider(), array(
'security.firewalls' => array(
'user' => array(
'pattern' => '^/user/',
'form' => array(
'login_path' => '/connexion',
'check_path' => '/user/login_check',
'default_target_path' => 'homepage_user'
),
'logout' => array('logout_path' => '/user/deconnexion'),
...
),
'unsecured' => array(
'anonymous' => true
)
)
));
但是它不起作用,在安全区域之外,当用户登录时,令牌是anon".
But it doesn't work, outside of the secured area, when the user is logged, the token is "anon."
推荐答案
但是接下来你要做的,就是把那个页面也放到防火墙下.更改防火墙设置,使/为防火墙,并添加ACL使匿名也可以进入/.然后你就可以拥有用户数据.
But then what you need to do, is put that page under the firewall too. Change the firewall setting so / is the firewall, and add ACL so anonymous can also enter to /. Then you can have there user data.
在您加载标头数据的地方,您检查用户是否已通过身份验证,因为这是主要内容,isGranted('IS_AUTHENTICATED_REMEMBERED')
并且根据结果,您将包括不同的模板文件.
Where you load in your header data, you check that the user is authenticated or not, cause this is the main thing, isGranted('IS_AUTHENTICATED_REMEMBERED')
and depending on the result, you will include different template file.
这篇关于Silex/Symfony 安全防火墙访问安全区域外的用户令牌的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!