安全和路线-Symfony2 [英] Security and routes - Symfony2

问题描述

我希望我的项目的索引页为登录表单，并在其下方提供注册链接，未登录的访问者应该只能看到路径为 / 和带有路由 / register 的注册页面。当我希望将日志重定向到路由为 / home 的主页时。我尝试了一些方法，并且它在开发环境中正常工作（尽管工具栏遇到了一些麻烦- Symfony2-开发环境），但是当我切换到prod env时，浏览器说：页面无法正确重定向。Firefox已检测到服务器正在以永远无法完成的方式重定向对该地址的请求。有时可能会出现此问题是由于禁用或拒绝接受Cookie造成的。

I want the index page for my project to be a login form with a link for registration below it and unlogged visitors should be able to see only the login form with route / and the register page with route /register. When the log I want they to be redirected to the home page with route /home. I tried some things and it's working in the dev environment (although having some troubles with the toolbar - Symfony2 - dev environment) but when I switch to prod env, the browser says: "The page isn't redirecting properly. Firefox has detected that the server is redirecting the request for this address in a way that will never complete. This problem can sometimes be caused by disabling or refusing to accept cookies."

这是我的文件：

security.yml

security:
    encoders:
        EM\MyFriendsBundle\Entity\User:
            algorithm:        sha1
            encode_as_base64: false
            iterations:       1

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER

providers:
    administrators:
        entity: { class: EMMyFriendsBundle:User }

firewalls:
    secured_area:
        pattern:    ^/
        anonymous: ~
        form_login:
            login_path:  /login
            check_path:  /login_check
            default_target_path: /home

access_control:
    - { path: ^/home, roles: ROLE_ADMIN }

routing.yml

login_display:
    pattern: /
    defaults: { _controller: EMMyFriendsBundle:Welcome:display }

login:
    pattern:   /login
    defaults:  { _controller: EMMyFriendsBundle:Welcome:login}

login_check:
    pattern:   /login_check

register:
    pattern: /register
    defaults: { _controller: EMMyFriendsBundle:Welcome:register }

home_display:
    pattern: /home
    defaults: { _controller: EMMyFriendsBundle:Home:display }

WelcomeController.php

<?php

namespace EM\MyFriendsBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\Security\Core\SecurityContext;

class WelcomeController extends Controller
{
    public function displayAction()
    {
        $error=null;
        $last_username=null;
        return $this->render('EMMyFriendsBundle:Welcome:login.html.twig', array('error' => $error, 'last_username' => $last_username));
    }

    public function loginAction()
    {
        $request = $this->getRequest();
        $session = $request->getSession();

        // get the login error if there is one
        if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
            $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
        } else {
            $error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
            $session->remove(SecurityContext::AUTHENTICATION_ERROR);
        }

        return $this->render('EMMyFriendsBundle:Welcome:login.html.twig', array(
            // last username entered by the user
            'last_username' => $session->get(SecurityContext::LAST_USERNAME),
            'error'         => $error
        ));
    }

    public function registerAction()
    {
         return $this->render('EMMyFriendsBundle:Welcome:register.html.twig');
    }
}

HomeController.php

<?php
namespace EM\MyFriendsBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;

class HomeController extends Controller
{
    public function displayAction()
    {
        return $this->render('EMMyFriendsBundle:Home:home.html.twig');
    }
}
?>

推荐答案

添加：

    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }.

这篇关于安全和路线-Symfony2的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！