手动身份验证检查 Symfony 2 [英] Manual authentication check Symfony 2

问题描述

我正在开发一个 Symfony 2 应用程序，用户必须在登录过程中选择一个配置文件.

I'm working on a Symfony 2 application where the user must select a profile during the login process.

用户可能有多个要使用的配置文件，而且他们只知道自己的配置文件.所以首先，我需要提示输入用户名和密码，如果这些是正确的，我不应该登录用户，我需要提示用户在会话期间将使用的配置文件.

Users may have multiples profiles to work with and they only know their own profiles. So first, I need to prompt for username and password, if those are correct, I should not login the user, I need to prompt for profile witch user will use during the session.

因此，我显示了一个包含用户名和密码字段的表单，并使用 Ajax 请求发送它，如果用户名和密码正确，则该请求以配置文件列表响应，否则返回错误代码.最后，用户使用用户名、密码和配置文件登录系统.

So, I show a form with a username and password field, and send it using an Ajax request, that request responds with the profile list if username and password are correct or an error code otherwise. Finally the user logs into the system using username, password and profile.

问题是我不知道如何检查身份验证数据是否正确(使用我所有的身份验证管理器、用户提供程序等)来完成这个中间步骤(提示输入配置文件)，而实际上没有记录用户.

The problem is that I don't know how to check if authentication data is correct (using all my authentication managers, users providers, etc) to accomplish this intermediate step (prompts for profile) without in fact logging the user.

谁能帮我解决这个问题?

Can anyone help me with this?

推荐答案

我使用了来自 @Jordon 和 @Potor Polak 将逻辑包装在使用当前访问令牌来验证密码的独立服务中.也许有些人需要这个:

I used the code from @Jordon and @Potor Polak to wrap the logic in a standalone service that used the current access token to validate the password. Maybe some needs this:

services.yml:

app.validator.manual_password:
    class: AppBundle\Service\ManualPasswordValidator
    arguments:
        - '@security.token_storage'
        - '@security.encoder_factory'

ManualPasswordValidator.php:

<?php

namespace AppBundle\Service;

use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorage;
use Symfony\Component\Security\Core\Encoder\EncoderFactory;

/**
 * Class ManualPasswordValidator
 *
 * @package AppBundle\Service
 */
class ManualPasswordValidator
{
    /**
     * @var EncoderFactory
     */
    protected $encoderFactory;

    /**
     * @var TokenStorage
     */
    protected $tokenStorage;

    /**
     * ManualPasswordValidator constructor.
     * 
     * @param EncoderFactory $encoderFactory
     * @param TokenStorage $tokenStorage
     */
    public function __construct(TokenStorage $tokenStorage, EncoderFactory $encoderFactory)
    {
        $this->encoderFactory = $encoderFactory;
        $this->tokenStorage = $tokenStorage;
    }

    /**
     * @param $password
     * @return bool
     */
    public function passwordIsValidForCurrentUser($password)
    {
        $token = $this->tokenStorage->getToken();

        if ($token) {
            $user = $token->getUser();

            if ($user) {
                $encoder = $this->encoderFactory->getEncoder($user);

                if ($encoder->isPasswordValid($user->getPassword(), $password, $user->getSalt())) {
                    return true;
                }
            }
        }

        return false;
    }
}

在此之后，您可以将 ManualPasswordValidator 注入到您想要的任何位置并使用它:

After this you can inject the ManualPasswordValidator wherever you want and use it like:

$password        = $request->get('password');
$passwordIsValid = $this->manualPasswordValidator->passwordIsValidForCurrentUser($password);

这篇关于手动身份验证检查 Symfony 2的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！