是否有任何类型的“预登录"?事件或类似? [英] Is there any sort of "pre login" event or similar?
问题描述
在检查用户的凭据是否正确之前,我需要运行一些代码.目前,我正在使用自定义事件侦听器来实现这一点,该侦听器触发 kernel.request
事件并检查请求的 URL 是否与 security.yml 的 check_path
设置匹配.但这是低效的,因为它在每个请求上运行.我知道 onSecurityInteractiveLogin
事件,但我相信它会在成功登录尝试后触发.有谁知道是否有登录前事件,或者我可以在哪里自己发送自定义事件?
I need to run some code prior to checking if a user's credentials are correct. Currently I'm achieving this with a custom event listener that fires on the kernel.request
event and checks if the requested URL matches security.yml's check_path
setting. But this is inefficient since it runs on every request. I'm aware of the onSecurityInteractiveLogin
event, but I believe that fires after a successful login attempt. Does anyone know if there's a pre login event, or where I could dispatch a custom event myself?
推荐答案
因此,没有官方"登录前事件.但值得庆幸的是,设置一个并不难,因为 Symfony2 是如此可扩展.诀窍是使用您自己的服务来处理身份验证.
So, there's no 'official' pre-login event. But thankfully it's not hard to set one up since Symfony2 is so extendable. The trick is to use your own service to handle authentication.
Symfony 在使用登录表单时使用这个类:
Symfony uses this class when using a login form:
SymfonyComponentSecurityHttpFirewallUsernamePasswordFormAuthenticationListener
如果你覆盖了 security.authentication.listener.form.class
参数(最初在 SymfonyBundleSecurityBundleResourcesconfigsecurity_listener.xml
中定义)你可以使用扩展 UsernamePasswordFormAuthenticationListener
的自定义侦听器.
If you override the security.authentication.listener.form.class
parameter (originally defined in SymfonyBundleSecurityBundleResourcesconfigsecurity_listeners.xml
) you can use a custom listener that extends UsernamePasswordFormAuthenticationListener
.
剩下要做的就是覆盖 attemptAuthentication()
方法来调度自定义事件.
All that's left to do is override the attemptAuthentication()
method to dispatch the custom event.
(其实你还需要在__construct()
中将事件调度器作为类属性存储)
(Actually you also need to store the event dispatcher as a class property in __construct()
)
此方法应该与其他身份验证方法一起使用 - 您需要做的就是修改适当的侦听器(即 BasicAuthenticationListener
、X509AuthenticationListener
等)
This method should work with other authentication methods - all you'd need to do is modify the appropriate listener (ie BasicAuthenticationListener
, X509AuthenticationListener
, etc.)
这篇关于是否有任何类型的“预登录"?事件或类似?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!