I'm looking to setup a private beta on a symfony site I'm launching soon. I've got a list of invited people's email addresses to check against in a text file on the server, and I'd like to present people with an html form whenever they try to access the site without permission. Once a person has entered their email address, it should redirect them to the home page. The tricky part is that past that I'm using FOSUserBundle with a whole account login system already in place. How should I approach this problem? The person logging in with their email doesn't have an account yet, so I can't just add a role like INVITED_USER to their user document, so I'm thinking about trying to store their status in their session, and checking that using symfony 2.4's allow_if expression, but I get an error:
Fatal error: Uncaught exception 'Symfony\\Component\\Config\\Definition\\Exception\\InvalidConfigurationException' with message 'Unrecognized options "allow_if" under "security.access_control.17"' in C:\\wamp\\www\\vendor\\symfony\\symfony\\src\\Symfony\\Component\\Config\\Definition\\ArrayNode.php on line 306
My security.yml file looks like this:
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
providers:
fos_userbundle:
id: fos_user.user_provider.username_email
firewalls:
beta:
pattern: ^/
anonymous: ~
form_login:
login_path: /beta
check_path: /beta_invite_check
always_use_default_target_path: true
default_target_path: /
logout:
path: /logout
target: /
main:
pattern: ^/
form_login:
check_path: /login_check
provider: fos_userbundle
always_use_default_target_path: false
default_target_path: /profile
use_referer: true
success_handler: security.authentication.handler
logout:
path: /logout
target: /
invalidate_session: false
anonymous: ~
login:
pattern: ^/login$
security: false
access_control:
- { path: ^/beta, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/account, roles: ROLE_USER}
- { path: /_wdt/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /_profiler/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/profile, role: ROLE_USER }
- { path: ^/submit, role: ROLE_USER }
- { path: ^/submissions, role: ROLE_USER }
- { path: ^/uploadCredits, role: ROLE_USER }
- { path: ^/transactions, role: ROLE_USER }
- { path: ^/activity, role: ROLE_USER }
- { path: ^/browse/join, role: ROLE_USER }
- { path: ^/browse/follow, role: ROLE_USER }
- { path: ^/browse/unfollow, role: ROLE_USER }
- { path: ^/player/rating, role: ROLE_USER }
- { path: ^/, allow_if: "'BETA_ALLOWED' == request.getSession().beta" }
Does anyone know why this is happening? allow_if seems to be a new feature so maybe someone's bundle isn't playing nice with it? Here's my composer.json file too, just in case:
{
"name": "symfony/framework-standard-edition",
"description": "The \"Symfony Standard Edition\" distribution",
"autoload": {
"psr-0": { "": "src/" }
},
"require": {
"doctrine/mongodb-odm": "1.0.*@dev",
"doctrine/mongodb-odm-bundle": "3.0.*@dev",
"php": ">=5.3.3",
"symfony/symfony": "2.4.1",
"doctrine/orm": "~2.2,>=2.2.3",
"doctrine/doctrine-bundle": "1.2.*",
"twig/extensions": "1.0.*",
"symfony/assetic-bundle": "2.1.*",
"hipaway-travel/mandrill-bundle": "dev-master",
"symfony/monolog-bundle": "2.2.*",
"sensio/distribution-bundle": "2.2.*",
"sensio/framework-extra-bundle": "2.2.*",
"sensio/generator-bundle": "2.2.*",
"jms/security-extra-bundle": "dev-master",
"friendsofsymfony/user-bundle": "~2.0.*@dev",
"jms/di-extra-bundle": "dev-master",
"sonata-project/media-bundle": "2.2.*@dev",
"sonata-project/admin-bundle": "2.2.*@dev",
"sonata-project/core-bundle": "2.2.*@dev",
"sonata-project/doctrine-mongodb-admin-bundle": "2.2.*@dev",
"avalanche123/imagine-bundle": "v2.1",
"braintree/braintree_php" : "dev-master",
"cometcult/braintree-bundle": "dev-master",
"paypal/rest-api-sdk-php": "dev-master",
"kmj/paypalbridgebundle": "dev-master",
"hwi/oauth-bundle": "0.3.*@dev",
"cboden/Ratchet": "0.3.0",
"react/zmq": "0.2.*"
},
"scripts": {
"post-install-cmd": [
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::buildBootstrap",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::clearCache",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::installAssets",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::installRequirementsFile"
],
"post-update-cmd": [
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::buildBootstrap",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::clearCache",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::installAssets",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::installRequirementsFile"
]
},
"config": {
"bin-dir": "bin"
},
"minimum-stability": "dev",
"extra": {
"symfony-app-dir": "app",
"symfony-web-dir": "web"
}
}
Thanks in advance!
The way I've implemented this before is using an Invitation entity.
You'll need to extend the registration form with the new invitation field and the registration controller action .
Basically read this: https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Resources/doc/adding_invitation_registration.md
:)
TLDR; Don't worry about the first login and use an invite system instead.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.