19

假设我的路由/booking/(.*)security.yml中的防火墙配置保护,并且它需要“ ROLE_USER ”,当用户尝试访问以“ /booking/ ”开头的任何路由时,应用程序会将用户重定向到登录认证页面。

所以我的问题是,在用户提供他的凭据并通过身份验证后,Symfony 2 如何能够将用户重定向回用户请求的页面/路由,或者 Symfony 2 在哪里存储该路由是否将其存储在某个会话中或别的地方。

我们可以访问它吗?如何访问?

4

4 回答 4

27

这是可能的,您可以在会话中访问引用链接(如果use_referer设置为,则使用该链接)。true

例如,如果success_handler您(在您的防火墙配置中)上有一项服务,该服务form_login根据某些条件(通常是角色)重定向用户,但您希望将用户重定向到引荐来源链接(如果已设置),您可以像这样访问引荐来源链接:

$key = '_security.main.target_path'; #where "main" is your firewall name

//check if the referrer session key has been set 
if ($this->container->get('session')->has($key)) {
    //set the url based on the link they were trying to access before being authenticated
    $url = $this->container->get('session')->get($key);

    //remove the session key
    $this->container->get('session')->remove($key);
}
//if the referrer key was never set, redirect to a default route
else{
    $url = $this->router->generate('member_home');
}

return new RedirectResponse($url);

在这种情况下,使用标头获取引荐来源网址(即$request->headers->get('referer'))将不起作用,因为它将始终返回登录链接。

感谢 Roman Marintsenko 和 Ryan Weaver 的博客

于 2013-07-10T22:26:27.080 回答
11

Carrie Kendall 的解决方案有效,谢谢!

这是 Symfony 中的完整实现:

服务.yml:

login_handler:
    class: Project\BaseBundle\Service\loginHandler
    arguments: ['@router', '@doctrine.orm.entity_manager', '@service_container']

在 Project\BaseBundle\Service\loginHandler 中:

namespace Project\BaseBundle\Service;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
use Symfony\Component\Routing\RouterInterface;
use Doctrine\ORM\EntityManager;


class loginHandler implements AuthenticationSuccessHandlerInterface {

    private $router;
    private $container;
    private static $key;

    public function __construct(RouterInterface $router, EntityManager $em, $container) {

        self::$key = '_security.secured_area.target_path';

        $this->router = $router;
        $this->em = $em;
        $this->session = $container->get('session');

    }

    public function onAuthenticationSuccess( Request $request, TokenInterface $token ) {

        $user_entity = $token->getUser();

        if( !$user_entity->getChangePassword() ) {

            $route = $this->router->generate('BaseBundle_home_page');

        } else {

            $this->session->getFlashBag()->add('error', 'Your password must be changed now');

            $route = $this->router->generate('BaseBundle_account_page');

        }

        //check if the referer session key has been set
        if ($this->session->has( self::$key )) {

            //set the url based on the link they were trying to access before being authenticated
            $route = $this->session->get( self::$key );

            //remove the session key
            $this->session->remove( self::$key );
            //if the referer key was never set, redirect to a default route

        } else{

            $url = $this->generateUrl('BaseBundle_home_page');

            return new RedirectResponse($route);

        }

        return new RedirectResponse($route);

    }
}
于 2013-11-14T15:08:20.487 回答
5

我也有这个问题。我使用了 security.yml 并在使用的注册操作中:

$redirectUrl = $request->getSession()->get('_security.account.target_path');

请享用。

于 2014-03-19T16:53:31.603 回答
3

Symfony 使用HTTP Referer 标头将用户重定向回他们来自的页面 .. 即referrer

您可以使用 security.ymluse_referer: true中的安全配置进行设置,详情请点击此处

您可以使用以下命令从控制器访问引用标头:

$referer = $request->headers->get('referer');

请注意,标题拼写错误,其引用者(一个 r)

于 2013-04-18T10:19:13.523 回答