Accessing app.user in unsecured area, silex

Problem description

I have this configuration for the firewall:

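$app->register(new Silex\Provider\SecurityServiceProvider(), array(
    // Firewalls must be passed under the 'security.firewalls' key
    'security.firewalls' => array(
        // Login-protected firewall: only matches URLs under /admin
        'admin' => array(
            'pattern' => '^/admin',
            'form' => array(
                'login_path' => '/#login',
                'check_path' => '/admin/login_check',
            ),
            'logout' => array(
                'logout_path' => '/admin/logout',
            ),
        ),
        // Separate anonymous firewall for every other URL
        'unsecured' => array(
            'anonymous' => true,
            'pattern' => '^.*$',
        ),
    ),
));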

And also this for security.rules:

$app['security.access_rules'] = array(
    array('^/admin', 'ROLE_ADMIN'),
    array('.*', 'IS_AUTHENTICATED_ANONYMOUSLY'),
);

I see this answer: Silex/Symfony Security Firewall Access user token outside the secured area. But the problem is, I cannot access the app.user in the "/" page, and is_granted (in Twig) always returns false for any input.

I don't know if the ACL mentioned in that answer is something else (other than the access_rules) or if I am doing something wrong.

Recommended answer

I believe a user (token) is only accessible within the firewall that logged it in. So as long as you are within /admin part of your site you would have access to the app.user, but not within the "unsecured" firewall.

To have the behaviour you are looking for, you need to have one overall/sitewide firewall with the pattern of ^/ and then use access rules to restrict access to /admin.

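$app->register(new Silex\Provider\SecurityServiceProvider(), array(
    // Firewalls must be passed under the 'security.firewalls' key
    'security.firewalls' => array(
        // One site-wide firewall, so the token is available on every URL
        'main' => array(
            'pattern' => '^/',
            'anonymous' => true,
            'form' => array(
                'login_path' => '/#login',
                'check_path' => '/admin/login_check',
            ),
            'logout' => array(
                'logout_path' => '/admin/logout',
            ),
        ),
    ),
));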

$app['security.access_rules'] = array(
    array('^/admin', 'ROLE_ADMIN'),
    array('^/', 'IS_AUTHENTICATED_ANONYMOUSLY'),
);

So a brand new user to your site would be immediately authenticated anonymously, until they log in with a role that allows them to access /admin.

It's also worth noting that if you were to have your login form within the admin area, as something like /admin/login, then you would need to add an anonymous access rule for the login URL.

Hope this helps!
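The ordering caveat from the answer's last paragraph, as an added example that is not part of the original answer or of Silex itself: Symfony's access rules are evaluated first-match-wins, so an anonymous rule for a login URL under /admin only takes effect if it is listed before the ^/admin rule. The helper requiredAttribute() and the sample paths /admin/login, /admin/users and /administrator are assumptions made for illustration.

```php
<?php
// Added example: a simplified model of first-match access-rule resolution.
// requiredAttribute() is a hypothetical helper, not a Silex or Symfony API.

function requiredAttribute(array $rules, string $path): ?string
{
    foreach ($rules as [$pattern, $attribute]) {
        // '#' delimiters so that '/' inside the pattern needs no escaping
        if (preg_match('#' . $pattern . '#', $path) === 1) {
            return $attribute; // first match wins, later rules are ignored
        }
    }
    return null; // no rule matched: no access check is applied to this path
}

// Login rule listed after ^/admin: it is shadowed, so the login form
// itself would demand ROLE_ADMIN and nobody could reach it to log in.
$shadowed = [
    ['^/admin', 'ROLE_ADMIN'],
    ['^/admin/login$', 'IS_AUTHENTICATED_ANONYMOUSLY'],
    ['^/', 'IS_AUTHENTICATED_ANONYMOUSLY'],
];

// Most specific rule first: the login form is reachable anonymously,
// everything else under /admin still requires ROLE_ADMIN.
$ordered = [
    ['^/admin/login$', 'IS_AUTHENTICATED_ANONYMOUSLY'],
    ['^/admin', 'ROLE_ADMIN'],
    ['^/', 'IS_AUTHENTICATED_ANONYMOUSLY'],
];

// Constructed sample paths. '/administrator' is included because the
// unanchored prefix '^/admin' also covers it (it fails closed).
$paths = ['/', '/admin/login', '/admin/users', '/administrator'];

printf("%-16s %-30s %s\n", 'path', 'shadowed order', 'specific-first order');
foreach ($paths as $path) {
    printf(
        "%-16s %-30s %s\n",
        $path,
        requiredAttribute($shadowed, $path),
        requiredAttribute($ordered, $path)
    );
}
```

The `$ordered` array can be assigned to `$app['security.access_rules']` as-is when the login form lives at /admin/login.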
