0

我已经手动创建了登录表单并在安全控制器中设置了凭据,如下所示

 public function loginCheckAction()
{
    $request = $this->getRequest();
    $session = $request->getSession();

            $oem = $this->getDoctrine()->getEntityManager();
            $username = $request->get('_username');
            $password = $request->get('_password');
            if($username){
                $user = $oem->getRepository('AdminEmployeeBundle:Employees')->loadUserByUsername($username);
                if($user){

                    $dbpassword = $password;
                    if($dbpassword == $user->getPassword()){
                        // secured and redirect
                    $token = new UsernamePasswordToken($user,null,'main',array('ROLE_ADMIN'));
                    // give it to the security context
                    $this->container->get('security.context')->setToken($token);
                    return $this->redirect($this->generateUrl('_employeeList'));    
                }
                    else{
                        $this->get('session')->setFlash('error','Please check username password');
                    }
                }
            return $this->redirect($this->generateUrl('login'));    
            }

现在我想在员工控制器中使用它,但我不知道如何使用它

4

2 回答 2

2

你有没有尝试过

$token = $this->get('security.context')->getToken();

?

于 2012-08-06T19:27:01.080 回答
0

ROLE_ADMIN通过您的控制器登录后,由于此行,员工应该具有角色:

$token = new UsernamePasswordToken($user,null,'main',array('ROLE_ADMIN'));

现在,您可以检查防火墙下的每个控制器:

$this->get('security.context')->isGranted('ROLE_ADMIN');

查看是否已登录并具有权限

于 2012-08-07T21:48:51.340 回答