是否有任何类型的“预登录"?事件或类似? [英] Is there any sort of "pre login" event or similar?
问题描述
在检查用户的凭据是否正确之前,我需要运行一些代码.目前,我正在使用自定义事件侦听器来实现这一点,该侦听器触发 kernel.request 事件并检查请求的 URL 是否与 security.yml 的 check_path 设置匹配.但这是低效的,因为它在每个请求上运行.我知道 onSecurityInteractiveLogin 事件,但我相信它会在成功登录尝试后触发.有谁知道是否有登录前事件,或者我可以在哪里自己发送自定义事件?
I need to run some code prior to checking if a user's credentials are correct. Currently I'm achieving this with a custom event listener that fires on the kernel.request event and checks if the requested URL matches security.yml's check_path setting. But this is inefficient since it runs on every request. I'm aware of the onSecurityInteractiveLogin event, but I believe that fires after a successful login attempt. Does anyone know if there's a pre login event, or where I could dispatch a custom event myself?
推荐答案
因此,没有官方"登录前事件.但值得庆幸的是,设置一个并不难,因为 Symfony2 是如此可扩展.诀窍是使用您自己的服务来处理身份验证.
So, there's no 'official' pre-login event. But thankfully it's not hard to set one up since Symfony2 is so extendable. The trick is to use your own service to handle authentication.
Symfony 在使用登录表单时使用这个类:
Symfony uses this class when using a login form:
SymfonyComponentSecurityHttpFirewallUsernamePasswordFormAuthenticationListener
如果你覆盖了 security.authentication.listener.form.class 参数(最初在 SymfonyBundleSecurityBundleResourcesconfigsecurity_listener.xml 中定义)你可以使用扩展 UsernamePasswordFormAuthenticationListener 的自定义侦听器.
If you override the security.authentication.listener.form.class parameter (originally defined in SymfonyBundleSecurityBundleResourcesconfigsecurity_listeners.xml) you can use a custom listener that extends UsernamePasswordFormAuthenticationListener.
剩下要做的就是覆盖 attemptAuthentication() 方法来调度自定义事件.
All that's left to do is override the attemptAuthentication() method to dispatch the custom event.
(其实你还需要在__construct()中将事件调度器作为类属性存储)
(Actually you also need to store the event dispatcher as a class property in __construct())
此方法应该与其他身份验证方法一起使用 - 您需要做的就是修改适当的侦听器(即 BasicAuthenticationListener、X509AuthenticationListener 等)
This method should work with other authentication methods - all you'd need to do is modify the appropriate listener (ie BasicAuthenticationListener, X509AuthenticationListener, etc.)
这篇关于是否有任何类型的“预登录"?事件或类似?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
