[英]Change CSRF token after Submission and Validation Form
提交表單,驗證表單並將表單的數據保存到服務器后,如何在Symfony2 / 3中更改csrf令牌?
// AppController.php
...
public function saveAction(Request $request) {
$event = new Data();
$form = $this->createForm(DataForm::class, $event);
$form->handleRequest($request);
if ($form->isSubmitted() && $form->isValid()) {
$creator = $this->getDoctrine()
->getRepository('AppBundle:User')
->find($this->getUser()->getId());
$event->setCreator($creator);
$entityManager = $this->getDoctrine()->getManager();
$entityManager->persist($event);
$entityManager->flush();
<在此處更改csrf令牌。 有任何想法嗎? >
return $this->redirect($this->generateUrl('event_view', ['id' => $event->getId()]));
}
$message = ['text' => 'Wrong data to save', 'type' => 'danger'];
$this->get('session')->set('messages', [$message]);
return $this->redirect($this->generateUrl('event_create'));
}
...
它應該自動重新生成CSRF令牌。 我認為您可能要這樣做的唯一原因是,如果您使用ajax提交表單,並且出於任何原因需要獲取下一個標記:在您的表單類型中:
public function setDefaultOptions(OptionsResolverInterface $resolver)
{
$resolver->setDefaults(array(
//...other defaults
'intention' => 'data_form_intention',
));
}
在您的saveAction中:
$csrf = $this->get('security.csrf.token_manager');
$token = $csrf->refreshToken("data_form_intention");
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.