在access_control规则重定向后通知用户的最佳方法是什么? [英] What is the best way to notify a user after an access_control rule redirects?
问题描述
来自 Symfony 2.3安全性文档:
如果访问被拒绝,系统将尝试对用户进行身份验证(例如,将用户重定向到登录页面).如果用户已经登录,将显示403访问被拒绝"错误页面.有关更多信息,请参见如何自定义错误页面.
If access is denied, the system will try to authenticate the user if not already (e.g. redirect the user to the login page). If the user is already logged in, the 403 "access denied" error page will be shown. See How to customize Error Pages for more information.
我目前对一些路线使用access_control规则.如果匿名用户被重定向到登录路由,我想通过"您必须登录才能访问该页面"消息来通知他们.我已经阅读了几次安全性文档,但没有发现与此相关的任何内容.我在俯视什么吗?
I am currently using an access_control rule for a few routes. I would like to notify an anonymous user if they're redirected to the login route with a message like "You must login to access that page." I have read through the Security docs a few times and haven't found anything relevant to this. Am I overlooking something?
如果没有,那么当access_control规则仅将其停止登录时,通知用户的最佳方式是什么(即如果用户只是重定向到登录名,则不是) 未经授权的角色)?
If not, what would be the best way to notify the user when they're stopped by an access_control rule only if they're redirected to login (ie not if they're just in an unauthorized role)?
为了澄清起见,我专门询问如何检查重定向是否是由access_control规则引起的(如果可能,最好在树枝中).
For clarification, I am specifically asking how to check if a redirect was caused by an access_control rule (preferably in twig if possible).
推荐答案
因此,经过大量研究,我找到了正确的方法.您需要使用入口点服务并在您的防火墙配置中定义它.
So after quite a bit of research, I found the right way to do this. You'll need to use an Entry Point service and define it in your firewall configuration.
此方法不会弄乱与您的在防火墙配置中指定用于登录的默认页面设置.
security.yml:
firewalls:
main:
entry_point: entry_point.user_login #or whatever you name your service
pattern: ^/
form_login:
# ...
src/Acme/UserBundle/config/services.yml
services:
entry_point.user_login:
class: Acme\UserBundle\Service\LoginEntryPoint
arguments: [ @router ] #I am going to use this for URL generation since I will be redirecting in my service
src/Acme/UserBundle/Service/LoginEntryPoint.php:
namespace Acme\UserBundle\Service;
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface,
Symfony\Component\Security\Core\Exception\AuthenticationException,
Symfony\Component\HttpFoundation\Request,
Symfony\Component\HttpFoundation\RedirectResponse;
/**
* When the user is not authenticated at all (i.e. when the security context has no token yet),
* the firewall's entry point will be called to start() the authentication process.
*/
class LoginEntryPoint implements AuthenticationEntryPointInterface
{
protected $router;
public function __construct($router)
{
$this->router = $router;
}
/*
* This method receives the current Request object and the exception by which the exception
* listener was triggered.
*
* The method should return a Response object
*/
public function start(Request $request, AuthenticationException $authException = null)
{
$session = $request->getSession();
// I am choosing to set a FlashBag message with my own custom message.
// Alternatively, you could use AuthenticationException's generic message
// by calling $authException->getMessage()
$session->getFlashBag()->add('warning', 'You must be logged in to access that page');
return new RedirectResponse($this->router->generate('login'));
}
}
login.html.twig:
{# bootstrap ready for your convenience ;] #}
{% if app.session.flashbag.has('warning') %}
{% for flashMessage in app.session.flashbag.get('warning') %}
<div class="alert alert-warning">
<button type="button" class="close" data-dismiss="alert">×</button>
{{ flashMessage }}
</div>
{% endfor %}
{% endif %}
资源:
- AuthenticationEntryPointInterface API
- 入口点文档
- 安全配置参考
- 如何自定义表单登录名
- 为什么access_denied_handle不起作用 -谢谢到
- AuthenticationEntryPointInterface API
- Entry Points Documentation
- Security Configuration Reference
- How to Customize your Form Login
- Why access_denied_handle doesn't work - thanks to cheesemacfly for tip
Resources:
这篇关于在access_control规则重定向后通知用户的最佳方法是什么?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
