[英]FOSUserBundle access_control
我登录后,可以访问loginAction并再次登录。
我希望有一个人可以帮助我。 这是我的security.yml和SecuirtyController。
安全性
security:
encoders:
FOS\UserBundle\Model\UserInterface: bcrypt
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: security.csrf.token_manager # Use form.csrf_provider instead for Symfony <2.4
logout: true
anonymous: true
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
安全控制器
class SecurityController extends \FOS\UserBundle\Controller\SecurityController
{
protected function renderLogin(array $data){
#return new RedirectResponse('/');
$securityContext = $this->get('security.authorization_checker');
$router = $this->get('router');
if ($securityContext->isGranted('ROLE_USER')) {
return new RedirectResponse($router->generate('user_home'), 307);
}
return $this->render('FOSUserBundle:Security:login.html.twig', $data);
}
}
您只需要像这样覆盖SecurityController:
<?php
namespace AppBundle\Controller;
use FOS\UserBundle\Controller\SecurityController as BaseController;
use Symfony\Component\HttpFoundation\RedirectResponse;
use AppBundle\Entity\User;
class SecurityController extends BaseController
{
public function loginAction()
{
if ($this->container->get('security.context')->getToken()->getUser() instanceof User){
return new RedirectResponse($this->container->get('router')->generate('name_of_route_to_redirect'));
}
return parent::loginAction();
}
}
不要忘记检查如何覆盖FOSUser Controller 。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.