symfony2 以编程方式验证用户 [英] symfony2 programmatically authenticate user

问题描述

我刚刚完成了本教程:http://symfony.com/doc/current/cookbook/security/api_key_authentication.html(包括在会话中存储身份验证")

I just went through this tutorial: http://symfony.com/doc/current/cookbook/security/api_key_authentication.html (including "Storing Authentication in the Session")

它通过 api 密钥工作和授权用户，并成功地在会话中存储身份验证.

It works and authorizes users by an api key and successfully stores authentication in the Session.

但是，我不知道如何通过该身份验证方法以编程方式对用户进行身份验证.

But, I've no any ideas how to programmatically authenticate user through that authentication method.

我尝试过类似的方法:

$user = new User(
    'admin',
    null,
    ['ROLE_ADMIN']
);

$token = new PreAuthenticatedToken($user, null, "secured_area", $user->getRoles());
$this->get("security.token_storage")->setToken($token);

$request = $this->get("request");
$event = new InteractiveLoginEvent($request, $token);
$this->get("event_dispatcher")->dispatch("security.interactive_login", $event);

但它似乎使用了错误的身份验证提供程序.

but it seems like it used wrong authentication provider.

请有人告诉我我做错了什么吗?(:

Can please someone tell me what I doing wrong? (:

更新:

当通过上述方法进行身份验证时，会话令牌存储在默认"防火墙下.

When authentication was done by method above, in session token is stored under "default" firewall.

security:
    providers:
        api_key_user_provider:
            id: api_key_user_provider

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt|error)|css|images|js)/
            security: false

        secured_area:
            pattern: ^/admin
            simple_preauth:
                authenticator: apikey_authenticator

        default:
            anonymous: ~

为什么不使用secured_area"防火墙而是使用default"?如何正确强制使用secured_area"?

Why instead of using "secured_area" firewall it uses "default"? How to properly force "secured_area" usage?

推荐答案

您的用户创建不正确，您应该使用用户管理器:

your user creation is not correct , you should use the user manager:

$userManager = $this->container->get('fos_user.user_manager');

// Create our user and set details
$user = $userManager->createUser();
$user->setUsername('username');
$user->setEmail('email@domain.com');
$user->setPlainPassword('password');
//$user->setPassword('encrypted_password');
$user->setEnabled(true);
$user->setRoles(array('ROLE_ADMIN'));

// Update the user
$userManager->updateUser($user, true);

然后你可以用这个来验证用户:

Then you can authenticate user with this :

$token = new UsernamePasswordToken(
    $user,
    $user->getPassword(),
    'secured_area',
    $user->getRoles()
);

$this->get('security.context')->setToken($token);

$request->getSession()->set('_security_secured_area', serialize($token));

$token = new UsernamePasswordToken($user, $user->getPassword(), "secured_area", $user->getRoles());
$this->get("security.context")->setToken($token);

$event = new InteractiveLoginEvent($request, $token);
$this->get("event_dispatcher")->dispatch("security.interactive_login", $event);

你可以用更传统的方式来做这件事，让我知道它是否有助于获得正确的防火墙.

You can do it like this in a more conventional way, let me know if it helps getting the right firewall.

顺便说一句，我不确定这是否已经在您的 symfony 版本中，但有一个更简单的方法:

btw i am not sure if this is already in your symfony version yet, but there is an easier way :

https://github.com/symfony/symfony/pull/13062

这篇关于symfony2 以编程方式验证用户的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！