Symfony security configuration, check_path goes to defined controller
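I am new to Symfony and am trying to create my own authentication. (I have an external authentication system, so I declared a User class and a UserProvider.) I have configured some routes, controllers and the security yml, but when I submit the login form I get this error:
Full authentication is required to access this resource.
Here is my security configuration: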

    security:
        encoders:
            App\Domain\User\ValueObject\User: bcrypt
        providers:
            UserProvider:
                id: App\Providers\UserProvider
        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
            login:
                pattern: ^/login
                anonymous: ~
            login_others:
                pattern: ^/login/.*$
                anonymous: ~
            register:
                pattern: ^/register.*$
                anonymous: ~
            bye:
                pattern: ^/bye
                anonymous: ~
            main:
                provider: UserProvider
                pattern: ^/.*
                form_login:
                    # submit the login form here
                    check_path: user.login.check
                    # the user is redirected here when they need to log in
                    login_path: /login
                logout:
                    path: /logout
                    target: /login
                    invalidate_session: false
        # Easy way to control access for large sections of your site
        # Note: Only the *first* access control that matches will be used
        access_control:
            - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/login/.*$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/register.*$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/bye$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/.+$, roles: ROLE_USER }

My route controller looks like this:
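
    use Symfony\Bundle\FrameworkBundle\Controller\Controller;
    use Symfony\Component\HttpFoundation\Response;
    use Symfony\Component\Routing\Annotation\Route;
    use Symfony\Component\Security\Core\Authentication\Token\Storage\TokenStorageInterface;
    use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;

    class LoginController extends Controller
    {
        /**
         * @param AuthenticationUtils $authUtils
         * @param TokenStorageInterface $tokenStorage
         * @return Response
         *
         * @Route("/login", name="user.login", methods="GET")
         */
        public function loginAction(
            AuthenticationUtils $authUtils,
            TokenStorageInterface $tokenStorage
        ) {
            // A user who already holds ROLE_USER is sent straight to the dashboard.
            if (!is_null($tokenStorage->getToken()) && in_array('ROLE_USER', $tokenStorage->getToken()->getRoles())) {
                return $this->redirect($this->generateUrl('dashboard'));
            }
            // Show the form again with the last error and the last username entered.
            $error = $authUtils->getLastAuthenticationError();
            $lastUsername = $authUtils->getLastUsername();
            return $this->render('user/login.twig', [
                'error' => $error,
                'last_username' => $lastUsername,
            ]);
        }

        /**
         * Empty action that only declares the route used as check_path.
         *
         * @Route("/login_check", name="user.login.check", methods={"POST"})
         */
        public function loginCheckAction()
        {
        }
    }
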
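Any idea what I am doing wrong? I am almost sure it is a configuration problem, but it seems I don't understand it.
Here is a simple configuration: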

    #config/packages/security.yaml
    # ...
    providers:
        user_provider:
            entity:
                class: App\Providers\UserProvider
    firewalls:
        main:
            anonymous: ~
            form_login:
                login_path: login
                check_path: login
            logout:
                path: /logout
                target: /
    access_control:
        - { path: dashboard, roles: ROLE_USER }

LoginController:

    /**
     * @Route("/login", name="login")
     */
    public function login(Request $request, AuthenticationUtils $authenticationUtils)
    {
        $error = $authenticationUtils->getLastAuthenticationError();
        $lastUsername = $authenticationUtils->getLastUsername();
        return $this->render('login.html.twig', array(
            'last_username' => $lastUsername,
            'error' => $error,
        ));
    }

Then you can set the default redirect after login:

    #config/packages/security.yaml
    security:
        # ...
        firewalls:
            main:
                form_login:
                    # ...
                    default_target_path: dashboard

Hope this helps.
I eventually came up with a more workable configuration:

    security:
        encoders:
            App\Domain\User\ValueObject\User: bcrypt
        providers:
            UserProvider:
                id: App\Security\UserProvider
        firewalls:
            dev:
                pattern: ^/(_(profiler|wdt)|css|images|js)/
                security: false
            main:
                anonymous: ~
                provider: UserProvider
                pattern: ^/.*
                form_login:
                    login_path: user.login
                logout:
                    path: /logout
                    target: user.login
                    invalidate_session: false
        # Easy way to control access for large sections of your site
        # Note: Only the *first* access control that matches will be used
        access_control:
            - { path: ^/login.*$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/register.*$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
            - { path: ^/.+$, roles: ROLE_USER }

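As you can see, I have not configured a check path for form_login. That is because it did not want to replace the anonymous user token with a logged-in token, so I ended up creating my own endpoint for the login check and doing it manually, like this: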

    /**
     * @param Request $request
     * @param PasswordAuthenticator $authenticator
     * @param UserProvider $provider
     * @param Session $session
     * @param TokenStorageInterface $storage
     * @return \Symfony\Component\HttpFoundation\RedirectResponse|Response
     *
     * @Route("/login/check", name="user.login.check", methods={"POST"})
     */
    public function checkLoginUser(
        Request $request,
        PasswordAuthenticator $authenticator,
        UserProvider $provider,
        Session $session,
        TokenStorageInterface $storage
    ) {
        // Build an unauthenticated token from the submitted form fields.
        $token = $authenticator->createToken(
            $request,
            $request->request->get('_username'),
            $request->request->get('_password'),
            'UserProvider'
        );
        // The return value of supportsToken() is not checked here.
        $authenticator->supportsToken($token, 'UserProvider');
        try {
            // Authenticate, then store the token in the token storage and in the session.
            $newToken = $authenticator->authenticateToken($token, $provider, $token->getUser());
            $storage->setToken($newToken);
            $session->set('_security_main', serialize($newToken));
            return $this->redirect($this->generateUrl('dashboard'));
        } catch (CustomUserMessageAuthenticationException $e) {
            $error = $e->getMessage();
        }
        // Authentication failed: show the form again with the error message.
        return $this->render('user/login.twig', [
            'error' => $error,
            'last_username' => $request->request->get('_username'),
        ]);
    }
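
Both the firewall patterns and the access_control rules on this page are applied first match wins, so this added example (not code from any of the posts) copies them from the question's configuration and from the final one and resolves the login paths against each. It assumes every pattern is an unanchored regex search tried in file order, with Python's `re.search` standing in for PHP's `preg_match`; the names `first_match` and `resolve` are illustrative.

```python
import re

# Firewall patterns and access_control rules copied from the page, in file order.
QUESTION = {
    "firewalls": [
        ("dev", r"^/(_(profiler|wdt)|css|images|js)/"),
        ("login", r"^/login"),
        ("login_others", r"^/login/.*$"),
        ("register", r"^/register.*$"),
        ("bye", r"^/bye"),
        ("main", r"^/.*"),
    ],
    "access_control": [
        ("IS_AUTHENTICATED_ANONYMOUSLY", r"^/login$"),
        ("IS_AUTHENTICATED_ANONYMOUSLY", r"^/login/.*$"),
        ("IS_AUTHENTICATED_ANONYMOUSLY", r"^/register.*$"),
        ("IS_AUTHENTICATED_ANONYMOUSLY", r"^/bye$"),
        ("ROLE_USER", r"^/.+$"),
    ],
}
FINAL = {
    "firewalls": [
        ("dev", r"^/(_(profiler|wdt)|css|images|js)/"),
        ("main", r"^/.*"),
    ],
    "access_control": [
        ("IS_AUTHENTICATED_ANONYMOUSLY", r"^/login.*$"),
        ("IS_AUTHENTICATED_ANONYMOUSLY", r"^/register.*$"),
        ("ROLE_USER", r"^/.+$"),
    ],
}

def first_match(rules, path):
    """Return the label of the first (label, regex) rule found in path."""
    for label, pattern in rules:
        # Assumption: unanchored search, standing in for PHP's preg_match.
        if re.search(pattern, path):
            return label
    return None

def resolve(config, path):
    """Return (firewall name, required role) chosen for a request path."""
    return (first_match(config["firewalls"], path),
            first_match(config["access_control"], path))

if __name__ == "__main__":
    for name, cfg, path in (("question", QUESTION, "/login_check"),
                            ("final", FINAL, "/login/check")):
        print(name, path, resolve(cfg, path))
```

With the question's configuration, `/login_check` resolves to the `login` firewall, which declares no `form_login`, and to the `ROLE_USER` rule. With the final configuration, `/login/check` resolves to `main` and to the anonymous rule.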