Symfony sfDoctrineGuardPlugin自定义登录查询 [英] Symfony sfDoctrineGuardPlugin custom login query
问题描述
我使用symfony sfDoctrineGuardPlugin来管理前端用户和后端用户的身份验证。没关系,除了我不希望前端用户能够登录到后台应用程序。我可以设置凭据,但在用户进行身份验证后会检查凭据。我想要的是使sigin的形式永远不会验证一个用户,这不在后端组。我该怎么做?
I use symfony sfDoctrineGuardPlugin to manage authentication for both frontend users and backend users. It's fine, except that I don't want frontend users to be able to login to the backend app. I can setup credentials, but credentials are checked after a user gets authenticated. What I want is to have sigin in form to never validate for a user, that is not in a backend group. How can I do this?
推荐答案
我想我找到了一个更好的解决方案。 sfDoctrineGuard插件有自己的post验证器,用于检查可选的用户重新检索。
I think I found a better solution. sfDoctrineGuard plugin has its own post validator that checks for an optional callable for user retrival.
//app.yml
all:
sf_guard_plugin:
retrieve_by_username_callable: sfGuardUser::getForBackend
//sfGuardUser.class.php
public static function getForBackend($username)
{
$query = Doctrine::getTable('sfGuardUser')->createQuery('u')
->leftJoin('u.Groups g')
->leftJoin('g.Permissions p')
->where('u.username = ? OR u.email_address = ?', array($username, $username))
->addWhere('u.is_active = ?', true)
->addWhere('p.name = ?', 'backend');
return $query->fetchOne();
}
这篇关于Symfony sfDoctrineGuardPlugin自定义登录查询的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!