Symfony2: Check user authentication based on path


Problem description

In Symfony2, is it possible to check if the user is authenticated to access the URL he requested? What I want to do is, I don't want to allow a logged-in user to go back to the registration, login or recover password pages.

Here is my security.yml:

    access_control:
    - { path: ^/signup/, roles: IS_AUTHENTICATED_ANONYMOUSLY && !IS_AUTHENTICATED_FULLY}
    - { path: ^/register/, roles: IS_AUTHENTICATED_ANONYMOUSLY && !IS_AUTHENTICATED_FULLY}
    - { path: ^/recover/, roles: IS_AUTHENTICATED_ANONYMOUSLY && !IS_AUTHENTICATED_FULLY}

But this is showing the access denied page to the current user. So I think it would be nice if I could redirect the user to the home page on such a request, by checking if he is not allowed. Can I check, by providing the path, whether the user is authenticated or not in a listener?

    public function onKernelResponse(FilterResponseEvent $event)
    {
        $request = $event->getRequest();
        $path = $request->getPathInfo();

        if ($this->container->get('security.context')->getToken() != null) {
            // To check if user is authenticated or anonymous
            if (($this->container->get('security.context')->getToken() instanceof UsernamePasswordToken) &&
                ($this->container->get('security.context')->isGranted('IS_AUTHENTICATED_FULLY') == true)) {
                // HOW TO CHECK PATH ?
                // set response to redirect to home page
            }
        }
    }

Solution

The security.access_map service

The configuration of security.access_control is processed by ...

SecurityBundle\DependencyInjection\SecurityExtension

... which creates RequestMatchers for the routes (path, hosts, ip, ...) and then invokes the service's add() method with the matcher, the allowed roles and the channel (i.e. https).

The service is usually used by i.e. the AccessListener.

You can use the security.access_map service to access the security.access_control parameters in your application.

The class used for the security.access_map service is defined by the parameter security.access_map.class and defaults to

Symfony\Component\Security\Http\AccessMap (implements AccessMapInterface)

You can use the parameter security.access_map.class to override the service with a custom class (must implement AccessMapInterface):

    # i.e. app/config/config.yml
    parameters:
        security.access_map.class: My\Custom\AccessMap


How to access the service

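The security.access_map service is a private service, as you can see by its definition here (https://github.com/symfony/symfony/blob/2.3/src/Symfony/Bundle/SecurityBundle/Resources/config/security_listeners.xml#L74).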

This means you can't request it from the container directly like this:

    $this->container->get('security.access_map')

You will have to inject it into another service (i.e. a listener service) explicitly to be able to access it.


A listener example

    services:
        my_listener:
            class: My\Bundle\MyListenerBundle\EventListener\ForbiddenRouteListener
            arguments: [ "@security.access_map" ]
            tags:
                - { name: kernel.event_listener, event: kernel.request, method: onKernelRequest }

Then you can call the getPatterns() method to obtain the RequestMatchers, allowed roles and required channel from there.

    namespace My\Bundle\MyListenerBundle\EventListener;

    use Symfony\Component\Security\Http\AccessMapInterface;
    use Symfony\Component\HttpKernel\Event\GetResponseEvent;

    class ForbiddenRouteListener
    {
        protected $accessMap;

        public function __construct(AccessMapInterface $access_map)
        {
            $this->accessMap = $access_map;
        }

        public function onKernelRequest(GetResponseEvent $event)
        {
            $request = $event->getRequest();
            $patterns = $this->accessMap->getPatterns($request);

            // ...
        }
    }
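
One way the listener body could be completed so that fully authenticated users are redirected away from guest-only pages (an added example, not the answer author's code, written against the Symfony 2.3 APIs). It assumes the guest-only paths are declared in security.yml with `roles: IS_AUTHENTICATED_ANONYMOUSLY` alone, and that the `$homeUrl` constructor argument is a hypothetical plain URL string supplied in the service definition.

```php
<?php
// Added example; class and argument names beyond the answer's are assumptions.
namespace My\Bundle\MyListenerBundle\EventListener;

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Http\AccessMapInterface;

class ForbiddenRouteListener
{
    protected $accessMap;
    protected $securityContext;
    protected $homeUrl; // assumption: injected as a string such as "/"

    public function __construct(AccessMapInterface $accessMap, SecurityContextInterface $securityContext, $homeUrl)
    {
        $this->accessMap = $accessMap;
        $this->securityContext = $securityContext;
        $this->homeUrl = $homeUrl;
    }

    public function onKernelRequest(GetResponseEvent $event)
    {
        // Sub-requests (ESI, embedded controllers) must not be redirected.
        if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) {
            return;
        }
        // getPatterns() returns array($roles, $channel) for the first
        // access_control entry matching the request, or array(null, null).
        list($roles) = $this->accessMap->getPatterns($event->getRequest());

        // Assumption: only guest-only pages carry exactly this role list.
        if ($roles !== array('IS_AUTHENTICATED_ANONYMOUSLY')) {
            return;
        }
        // No token means the URL is behind no firewall; isGranted() would throw.
        if (null === $this->securityContext->getToken()) {
            return;
        }
        if ($this->securityContext->isGranted('IS_AUTHENTICATED_FULLY')) {
            $event->setResponse(new RedirectResponse($this->homeUrl));
        }
    }
}
```

The service definition would pass `"@security.access_map"`, `"@security.context"` and the home URL as its three arguments. At the default listener priority of 0 this runs after the firewall listener (priority 8), so the token is already populated when the check is made.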
