Symfony sfDoctrineGuardPlugin 自定义登录查询 [英] Symfony sfDoctrineGuardPlugin custom login query

问题描述

我使用 symfony sfDoctrineGuardPlugin 来管理前端用户和后端用户的身份验证.没关系，只是我不希望前端用户能够登录到后端应用程序.我可以设置凭据，但在用户通过身份验证后会检查凭据.我想要的是让表单中的 sigin 永远不会为用户验证，而不是在后端组中.我怎样才能做到这一点?

I use symfony sfDoctrineGuardPlugin to manage authentication for both frontend users and backend users. It's fine, except that I don't want frontend users to be able to login to the backend app. I can setup credentials, but credentials are checked after a user gets authenticated. What I want is to have sigin in form to never validate for a user, that is not in a backend group. How can I do this?

推荐答案

我想我找到了更好的解决方案.sfDoctrineGuard 插件有自己的后验证器，用于检查用户检索的可选可调用对象.

I think I found a better solution. sfDoctrineGuard plugin has its own post validator that checks for an optional callable for user retrival.

//app.yml
all:
  sf_guard_plugin:
    retrieve_by_username_callable: sfGuardUser::getForBackend

//sfGuardUser.class.php

  public static function getForBackend($username)
  {
    $query = Doctrine::getTable('sfGuardUser')->createQuery('u')
      ->leftJoin('u.Groups g')
      ->leftJoin('g.Permissions p')
      ->where('u.username = ? OR u.email_address = ?', array($username, $username))
      ->addWhere('u.is_active = ?', true)
      ->addWhere('p.name = ?', 'backend');

    return $query->fetchOne();
  }

这篇关于Symfony sfDoctrineGuardPlugin 自定义登录查询的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！