Problem description
In Symfony2, is it possible to check if the user is authenticated to access the URL he requested? What I want to do is, I don't want to allow a logged-in user to go back to the registration, login or recover password pages.
Here is my security.yml:
access_control:
    - { path: ^/signup/, roles: IS_AUTHENTICATED_ANONYMOUSLY && !IS_AUTHENTICATED_FULLY}
    - { path: ^/register/, roles: IS_AUTHENTICATED_ANONYMOUSLY && !IS_AUTHENTICATED_FULLY}
    - { path: ^/recover/, roles: IS_AUTHENTICATED_ANONYMOUSLY && !IS_AUTHENTICATED_FULLY}
But this shows an access denied page to the current user. So I think it would be nice if I could redirect the user to the home page on such a request, by checking if he is not allowed. Can I check in a listener, by providing the path, whether the user is authenticated or not?
public function onKernelResponse(FilterResponseEvent $event)
{
    $request = $event->getRequest();
    $path = $request->getPathInfo();
    if($this->container->get('security.context')->getToken() != null) {
        // To check if user is authenticated or anonymous
        if( ($this->container->get('security.context')->getToken() instanceof UsernamePasswordToken) &&
            ($this->container->get('security.context')->isGranted('IS_AUTHENTICATED_FULLY') == true) ) {
            // HOW TO CHECK PATH ?
            // set response to redirect to home page
        }
    }
}
Recommended answer
The security.access_map service
The configuration of security.access_control is processed by ...
SecurityBundle\DependencyInjection\SecurityExtension
... which creates RequestMatchers for the routes (path, hosts, ip, ...) and then invokes the service's add() method with the matcher, the allowed roles and the channel (i.e. https).
The service is usually used by i.e. the AccessListener.
You can use the security.access_map service to access the security.access_control parameters in your application.
The class used for the security.access_map service is defined by the parameter security.access_map.class and defaults to
Symfony\Component\Security\Http\AccessMap
(implementing AccessMapInterface)
You can use the parameter security.access_map.class to override the service with a custom class (must implement AccessMapInterface):
# i.e. app/config/config.yml
parameters:
    security.access_map.class: MyCustomAccessMap
How to access the service
The security.access_map service is a private service as you can see by its definition here.
This means you can't request it from the container directly like this:
$this->container->get('security.access_map')
You will have to inject it into another service (i.e. a listener service) explicitly to be able to access it.
services:
    my_listener:
        class: MyBundle\MyListenerBundle\EventListener\ForbiddenRouteListener
        arguments: [ "@security.access_map" ]
        tags:
            - { name: kernel.event_listener, event: kernel.request, method: onKernelRequest }
Then you can call the getPatterns() method to obtain the RequestMatchers, allowed roles and required channel from there.
namespace MyBundle\MyListenerBundle\EventListener;

use Symfony\Component\Security\Http\AccessMapInterface;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;

class ForbiddenRouteListener
{
    protected $accessMap;

    public function __construct(AccessMapInterface $access_map)
    {
        $this->accessMap = $access_map;
    }

    public function onKernelRequest(GetResponseEvent $event)
    {
        $request = $event->getRequest();
        // Look up the access_control entry that matches the current request
        $patterns = $this->accessMap->getPatterns($request);
        // ...
    }
}
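An added example, not part of the original answer: one way to finish such a listener so that logged-in users are redirected away from guest-only pages. It assumes the access_control rules for those paths are changed to list only IS_AUTHENTICATED_ANONYMOUSLY, that no other rule uses exactly that role list, and that the service also receives @security.context and a home URL as arguments; the class name GuestOnlyRouteListener and the $homeUrl parameter are hypothetical.

```php
<?php
// Added example (not the answerer's code). Namespace, class name and $homeUrl are hypothetical.
namespace MyBundle\MyListenerBundle\EventListener;

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Http\AccessMapInterface;

class GuestOnlyRouteListener
{
    private $accessMap;
    private $securityContext;
    private $homeUrl;

    public function __construct(AccessMapInterface $accessMap, SecurityContextInterface $securityContext, $homeUrl = '/')
    {
        $this->accessMap = $accessMap;
        $this->securityContext = $securityContext;
        $this->homeUrl = $homeUrl;
    }

    // Register on kernel.request with the default priority (0) so the firewall,
    // which listens at a higher priority, has already set the security token.
    public function onKernelRequest(GetResponseEvent $event)
    {
        if (HttpKernelInterface::MASTER_REQUEST !== $event->getRequestType()) {
            return; // ignore sub-requests
        }
        $request = $event->getRequest();
        // getPatterns() returns array($roles, $channel) of the first matching rule,
        // or array(null, null) when no access_control rule matches.
        list($roles) = $this->accessMap->getPatterns($request);
        if ($roles !== array('IS_AUTHENTICATED_ANONYMOUSLY')) {
            return; // not a guest-only rule (assumption: see lead-in)
        }
        if ($request->getPathInfo() === $this->homeUrl) {
            return; // never redirect the home page to itself
        }
        if (null === $this->securityContext->getToken()) {
            return; // outside any firewall; isGranted() would throw without a token
        }
        // Granted for remember-me and for full logins, but not for anonymous tokens.
        if ($this->securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
            $event->setResponse(new RedirectResponse($this->homeUrl));
        }
    }
}
```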