Symfony2-仅匿名用户无法登录和注册页面 [英] Symfony2 - Access for Login and Register page for Anonymous only not Users

问题描述

我有一个带有登录表单的网站，成功登录后，我被重定向到索引。但是，当我单击后退按钮时，它仍使我仍然无法查看登录表单。我只希望匿名查看者可以访问登录表单，而不希望已经登录的用户访问。在symfony2中有一种简单的方法吗？谢谢

I have this website with a login form and after I successfully logged in, I am redirected to the index. But when I click the back button, it lets me still view the login form which is not good. I want only the login form to be accessible by anonymous viewers only and not users who have logged in already. Is there a simple way to do this in symfony2? thanks

这是我的安全。

    jms_security_extra:
    secure_all_services: false
    expressions: true

security:
    encoders:
        Mata\UserBundle\Entity\User: 
            algorithm:        sha1
            encode_as_base64: false
            iterations:   1

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]


    providers:
        user_db:
            entity: { class: MataUserBundle:User,  property: username }

    firewalls:

        secured_area:
            pattern:    ^/
            anonymous: ~
            form_login:
                check_path: /login_check
                login_path: /login
            logout:
                path:   /logout
                target: /

    access_control:
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, roles: ROLE_USER }

推荐答案

这可能不是最好或适当的方法，但这是我能弄清楚的唯一方法。

This may not be the best or proper way to do it, but its been the only way I could figure it out.

在我的loginAction方法中，我执行了此操作（请参阅$ secured变量）。如果用户会话已通过身份验证，那么我会将其重定向到主页/索引页面。我不知道通过防火墙配置完成此操作的方法，因为我不认为登录页面上会附加防火墙。

In my loginAction method I do this (see the $secured variable). If the user session is authenticated then I redirect them to the home/index page. I don't know of a way to do it via the firewall config because I don't believe the login page would ever have a firewall attached to it.

/**
 * @Route("/login", name="login")
 * @Template()
 */
public function loginAction()
{
    $request = $this->getRequest();
    $session = $request->getSession();

    // if the session is secured (user is logged in) 
    // then $secured will be an object with various user information.
    $secured = unserialize($session->get('_security_secured'));
    if ($secured) {
        return $this->redirect($this->generateUrl('home'));
    }

    // get the login error if there is one
    if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
        $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
    } else {
        $error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
    }

    return array(
        'last_username' => $session->get(SecurityContext::LAST_USERNAME),
        'error'         => $error,
        'embed'         => $request->isXmlHttpRequest()
    );
}

这篇关于Symfony2-仅匿名用户无法登录和注册页面的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！