Symfony2：如何通过IP地址限制/拒绝对某些路由的访问？ [英] Symfony2: How to restrict / deny access to certain routes by IP address?

问题描述

如果客户的IP地址已被禁止，我想禁止访问 /登录和 /注册

I'd like to disallow access to /login and /register if a client's IP address has been banned.

被禁用IP的（黑色）列表存储在数据库中。

The (black-) list of banned IPs is stored in the database.

如何解决

推荐答案

从symfony 2.4开始，您可以使用您的配置文件中的表达语言组件。

Since symfony 2.4 you can use the Expression Language Component in your config-files.

现在实现简单的IP检查是容易：

Now implementing a simple IP check is easy:

• 使用方法（即<< c $ c> access_manager ）创建服务（例如 getBannedIPs（））从存储层获取禁止IP列表


• 向安全配置中添加一个表达式，比较返回的数组


• 就是这样。

• create a service (i.e. access_manager) with a method (i.e. getBannedIPs()) that fetches the list of banned IPs from your storage layer
• Add an expression to your security configuration that compares the returned array against the client's IP address
• That's it.

# app/config/security.yml
security:
    # ...
    access_control:
        - path: ^/(login|register)$
          allow_if: "request.getClientIp() not in @=service('access_manager').getBannedIPs()"

这篇关于Symfony2：如何通过IP地址限制/拒绝对某些路由的访问？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！