Symfony Private Beta Login
Question
I'm looking to setup a private beta on a symfony site I'm launching soon. I've got a list of invited people's email addresses to check against in a text file on the server, and I'd like to present people with an html form whenever they try to access the site without permission. Once a person has entered their email address, it should redirect them to the home page. The tricky part is that past that I'm using FOSUserBundle with a whole account login system already in place. How should I approach this problem? The person logging in with their email doesn't have an account yet, so I can't just add a role like INVITED_USER to their user document, so I'm thinking about trying to store their status in their session, and checking that using symfony 2.4's allow_if expression, but I get an error:
Fatal error: Uncaught exception 'Symfony\\Component\\Config\\Definition\\Exception\\InvalidConfigurationException' with message 'Unrecognized options "allow_if" under "security.access_control.17"' in C:\\wamp\\www\\vendor\\symfony\\symfony\\src\\Symfony\\Component\\Config\\Definition\\ArrayNode.php on line 306
My security.yml file looks like this:
security:
encoders:
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
providers:
fos_userbundle:
id: fos_user.user_provider.username_email
firewalls:
beta:
pattern: ^/
anonymous: ~
form_login:
login_path: /beta
check_path: /beta_invite_check
always_use_default_target_path: true
default_target_path: /
logout:
path: /logout
target: /
main:
pattern: ^/
form_login:
check_path: /login_check
provider: fos_userbundle
always_use_default_target_path: false
default_target_path: /profile
use_referer: true
success_handler: security.authentication.handler
logout:
path: /logout
target: /
invalidate_session: false
anonymous: ~
login:
pattern: ^/login$
security: false
access_control:
- { path: ^/beta, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/account, roles: ROLE_USER}
- { path: /_wdt/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /_profiler/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/profile, role: ROLE_USER }
- { path: ^/submit, role: ROLE_USER }
- { path: ^/submissions, role: ROLE_USER }
- { path: ^/uploadCredits, role: ROLE_USER }
- { path: ^/transactions, role: ROLE_USER }
- { path: ^/activity, role: ROLE_USER }
- { path: ^/browse/join, role: ROLE_USER }
- { path: ^/browse/follow, role: ROLE_USER }
- { path: ^/browse/unfollow, role: ROLE_USER }
- { path: ^/player/rating, role: ROLE_USER }
- { path: ^/, allow_if: "'BETA_ALLOWED' == request.getSession().beta" }
Does anyone know why this is happening? allow_if seems to be a new feature so maybe someone's bundle isn't playing nice with it? Here's my composer.json file too, just in case:
{
"name": "symfony/framework-standard-edition",
"description": "The \"Symfony Standard Edition\" distribution",
"autoload": {
"psr-0": { "": "src/" }
},
"require": {
"doctrine/mongodb-odm": "1.0.*@dev",
"doctrine/mongodb-odm-bundle": "3.0.*@dev",
"php": ">=5.3.3",
"symfony/symfony": "2.4.1",
"doctrine/orm": "~2.2,>=2.2.3",
"doctrine/doctrine-bundle": "1.2.*",
"twig/extensions": "1.0.*",
"symfony/assetic-bundle": "2.1.*",
"hipaway-travel/mandrill-bundle": "dev-master",
"symfony/monolog-bundle": "2.2.*",
"sensio/distribution-bundle": "2.2.*",
"sensio/framework-extra-bundle": "2.2.*",
"sensio/generator-bundle": "2.2.*",
"jms/security-extra-bundle": "dev-master",
"friendsofsymfony/user-bundle": "~2.0.*@dev",
"jms/di-extra-bundle": "dev-master",
"sonata-project/media-bundle": "2.2.*@dev",
"sonata-project/admin-bundle": "2.2.*@dev",
"sonata-project/core-bundle": "2.2.*@dev",
"sonata-project/doctrine-mongodb-admin-bundle": "2.2.*@dev",
"avalanche123/imagine-bundle": "v2.1",
"braintree/braintree_php" : "dev-master",
"cometcult/braintree-bundle": "dev-master",
"paypal/rest-api-sdk-php": "dev-master",
"kmj/paypalbridgebundle": "dev-master",
"hwi/oauth-bundle": "0.3.*@dev",
"cboden/Ratchet": "0.3.0",
"react/zmq": "0.2.*"
},
"scripts": {
"post-install-cmd": [
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::buildBootstrap",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::clearCache",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::installAssets",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::installRequirementsFile"
],
"post-update-cmd": [
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::buildBootstrap",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::clearCache",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::installAssets",
"Sensio\\Bundle\\DistributionBundle\\Composer\\ScriptHandler::installRequirementsFile"
]
},
"config": {
"bin-dir": "bin"
},
"minimum-stability": "dev",
"extra": {
"symfony-app-dir": "app",
"symfony-web-dir": "web"
}
}
Thanks in advance!
1 answers
solution1
1 2014-01-17 09:44:26
The way I've implemented this before is using an Invitation entity.
- Generate an Invitation code and email the user with a link to the register form
- Only accept registrations that include a valid invitation code
You'll need to extend the registration form with the new invitation field and the registration controller action .
Basically read this: https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Resources/doc/adding_invitation_registration.md
:)
TLDR; Don't worry about the first login and use an invite system instead.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.