安全性和基于Symfony 2的项目登录 [英] Security and login on a Symfony 2 based project

问题描述

我正在开发基于Symfony 2 PHP框架的Web应用程序.

它具有用于注册用户的登录页面.我想为每个登录系统的用户执行一些自定义逻辑.

基本上，我想在任何用户登录到系统时都进行登录，但是我不想在主页的控制器上进行登录，因为每次用户重新加载主页时都会登录.

我还希望实现一个在用户登录系统时调用的函数，以便我可以决定是否对任何用户授予访问权限(基于存储在用户数据库中的全套信息). /p>

我该如何实现?

解决方案

对于您的问题的第一部分，我有类似的内容(例如，存储用户登录的最后日期和时间).我沿着一条因事件而被解雇的服务的路线走了.在您的服务配置中(此处为XML示例):

<services>

    <service id="my.login.listener" class="My\OwnBundle\Event\LoginEventListener">
      <tag name="kernel.event_listener" event="security.interactive_login" />
    </service>

</services>

，然后在捆绑包中的适当位置创建上述类:

namespace My\OwnBundle\Event;

use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
use My\OwnBundle\User\User as MyUser;

class LoginEventListener
{
    /**
     * Catches the login of a user and does something with it
     *
     * @param \Symfony\Component\Security\Http\Event\InteractiveLoginEvent $event
     * @return void
     */
    public function onSecurityInteractiveLogin(InteractiveLoginEvent $event)
    {
        $token = $event->getAuthenticationToken();
        if ($token && $token->getUser() instanceof MyUser)
        {
            // You can do something here eg
            // record the date & time of the user's login
        }
    }
}

我想您可以将其扩展到问题的第二部分，但是我还没有这样做:-)

I'm developing a web application based on the Symfony 2 PHP framework.

It has a login page for the users registered. I want to execute some custom logic for every user logging into the system.

Basicaly, I want to log whenever any user logs into the system, but I don't want to do it on the main page's controller, because it would log every time the user reloads the main page.

I also want to implement a function that gets called when the user logs into the system so I can decide wether the access is granted or not for any user (based on a full set of information stored on the user's database).

How can I achieve this?

解决方案

For the first part of your question, I had something similar (eg store the last date & time of a user's login). I went down the route of a service which was fired upon an event. In your services config (XML example here):

<services>

    <service id="my.login.listener" class="My\OwnBundle\Event\LoginEventListener">
      <tag name="kernel.event_listener" event="security.interactive_login" />
    </service>

</services>

and then create the above mentioned class in the appropriate place in your bundle:

namespace My\OwnBundle\Event;

use Symfony\Component\Security\Http\Event\InteractiveLoginEvent;
use My\OwnBundle\User\User as MyUser;

class LoginEventListener
{
    /**
     * Catches the login of a user and does something with it
     *
     * @param \Symfony\Component\Security\Http\Event\InteractiveLoginEvent $event
     * @return void
     */
    public function onSecurityInteractiveLogin(InteractiveLoginEvent $event)
    {
        $token = $event->getAuthenticationToken();
        if ($token && $token->getUser() instanceof MyUser)
        {
            // You can do something here eg
            // record the date & time of the user's login
        }
    }
}

I would imagine that you could extend this to the second part of your question, however I've not done this :-)

这篇关于安全性和基于Symfony 2的项目登录的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！