Silex/Symfony 安全防火墙访问安全区域外的用户令牌 [英] Silex/Symfony Security Firewall Access user token outside the secured area

问题描述

我使用 Silex 和 SecurityProvider，我的防火墙:

I use Silex and the SecurityProvider, my firewall :

$app->register(new Silex\Provider\SecurityServiceProvider(), array(
  'security.firewalls' => array(
    'user' => array(
      'pattern' => '^/user/',
      'form' => array(
        'login_path' => '/connexion',
        'check_path' => '/user/login_check',
        'default_target_path' => 'homepage_user'
        ),
      'logout' => array('logout_path' => '/user/deconnexion')
      ...
      )
    )
  ));

它有效！但是我没有找到任何方法来访问模板中的用户对象，symfony synthax 不起作用:

It works ! But I didn't find any way to access to the user object in the template, the symfony synthax doesn't work :

{{ app.user }}

所以我在 Twig 中添加了一个新的全局变量:

So I add a new global in Twig like this :

$app['twig'] = $app->share($app->extend('twig', function($twig, $app) {
  $token = $app['security']->getToken();
  $user = ($token === null) ? null : $token->getUser();
  $twig->addGlobal('user', $user);
  return $twig;
}));

它有效但不在安全区域外:$token 为空

It works but not outside the secured area: $token is null

我的问题很简单:如何访问安全区域外的用户?

My question is simple : How can I access to the user outside of the secured area ?

谢谢

我尝试添加一个匿名 = true 的防火墙，如下所示:

I tried to add a firewall with anonymous = true, like this :

$app->register(new Silex\Provider\SecurityServiceProvider(), array(
  'security.firewalls' => array(
    'user' => array(
      'pattern' => '^/user/',
      'form' => array(
        'login_path' => '/connexion',
        'check_path' => '/user/login_check',
        'default_target_path' => 'homepage_user'
        ),
      'logout' => array('logout_path' => '/user/deconnexion'),
      ...
      ),
    'unsecured' => array(
      'anonymous' => true
      )
    )
  ));

但是它不起作用，在安全区域之外，当用户登录时，令牌是anon".

But it doesn't work, outside of the secured area, when the user is logged, the token is "anon."

推荐答案

但是接下来你要做的，就是把那个页面也放到防火墙下.更改防火墙设置，使/为防火墙，并添加ACL使匿名也可以进入/.然后你就可以拥有用户数据.

But then what you need to do, is put that page under the firewall too. Change the firewall setting so / is the firewall, and add ACL so anonymous can also enter to /. Then you can have there user data.

在您加载标头数据的地方，您检查用户是否已通过身份验证，因为这是主要内容，isGranted('IS_AUTHENTICATED_REMEMBERED') 并且根据结果，您将包括不同的模板文件.

Where you load in your header data, you check that the user is authenticated or not, cause this is the main thing, isGranted('IS_AUTHENTICATED_REMEMBERED') and depending on the result, you will include different template file.

这篇关于Silex/Symfony 安全防火墙访问安全区域外的用户令牌的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！