Symfony2在未登录时将/ admin / *重定向到/ admin / login(或使用FOSUserBundle?)
[英]Symfony2 redirect /admin/* to /admin/login when not logged in (or use FOSUserBundle?)
问题描述
I am new to Symfony and I am trying to build an admin interface. 
我是Symfony的新手,正在尝试建立管理界面。 I have an existing users table and all I want is to secure the ^/admin.+ path with a login page at /admin/login and Symfony seems to be very tutorial-oriented with little explanation on how to customize anything. 我有一个现有的用户表,我想要做的只是使用/admin/login上的登录页面来保护^/admin.+路径,而Symfony似乎是非常面向教程的,几乎没有关于如何自定义任何内容的解释。 (or at least, not much info on how each piece component works together with the others) (或至少,关于每个部件如何与其他部件一起工作的信息不多)
Here is my security.yml 这是我的security.yml
encoders:
AppBundle\Entity\Users:
algorithm: sha1
encode_as_base64: false
iterations: 1
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
providers:
administrators:
entity: { class: AppBundle:Users, property: email }
in_memory:
memory: ~
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: ~
admin_area:
pattern: ^/admin
anonymous: ~
provider: administrators
form_login:
default_target_path: /admin
check_path: /admin/login_check
login_path: /admin/login
remember_me: true
logout:
path: /admin/logout
target: /admin
access_control:
- { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
When I go to /admin I get error page with "Full authentication is required to access this resource." 当我转到/ admin时,出现错误页面,显示“需要完全验证才能访问此资源”。 What I want is for the app to redirect from /admin/* (except /admin/login of course) to /admin/login when not logged in. 我想要的是让应用程序在未登录时从/admin/* (当然/ admin / login除外)重定向到/admin/login 。
Notes & Other Questions 注释和其他问题
Symfony seems to want you to always use certain existing bundles and I have scoured the web for info on how to understand what's actually happening but only seem to find more and more tutorials. Symfony似乎希望您始终使用某些现有的捆绑软件,并且我在网上搜索了有关如何了解实际情况的信息,但似乎只能找到越来越多的教程。
Should I even be using FOSUserBundle? 我应该使用FOSUserBundle吗? If so, can I use my existing users table or do I have to use their schema? 如果是这样,我可以使用现有的用户表还是必须使用其架构?
1 个解决方案
解决方案1
2 已采纳 2016-05-02 23:20:57
You should change the order of firewalls, so make admin_area before main 您应该更改防火墙的顺序,因此在main之前先设置admin_area
admin_area:
pattern: ^/admin
anonymous: ~
provider: administrators
form_login:
default_target_path: /admin
check_path: /admin/login_check
login_path: /admin/login
remember_me: true
logout:
path: /admin/logout
target: /admin
main:
anonymous: ~
Explication 解释
In our example, the main firewall doesn't contain pattern, then if it's defined in first order it will take all routes. 在我们的示例中,主防火墙不包含模式,然后,如果以一阶定义,它将采用所有路由。 so in this firewall (main) we don't define the form_login then we get the error page with "Full authentication is required to access this resource.". 因此,在此防火墙(主)中,我们没有定义form_login,然后显示错误页面,提示“访问此资源需要完整身份验证”。
In another way, if you add the pattern in the main firewall, you will not have the error (see the example above) 换句话说,如果您将图案添加到主防火墙中,则不会出现错误(请参见上面的示例)
main:
pattern: /home
anonymous: ~
admin_area:
pattern: ^/admin
anonymous: ~
provider: administrators
form_login:
default_target_path: /admin
check_path: /admin/login_check
login_path: /admin/login
remember_me: true
logout:
path: /admin/logout
target: /admin
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.