0

I have a secured area for logged-in users, like this:

firewalls:
    members_secured_area:
                pattern: ^/
                provider: entity_searchers
                anonymous: ~
                form_login:
                    check_path: /searchers/login_check
                    login_path: /searchers/login
                    default_target_path: /searchers/
                logout:
                    path:   /searchers/logout
                    target: /searchers/login

    crm_secured_area:
                pattern: ^/crm/
                provider: entity_crmusers
                anonymous: ~
                form_login:
                    check_path: /crm/login_check
                    login_path: /crm/login
                    default_target_path: /crm/customers
                logout:
                    path:   /crm/logout
                    target: /crm/login
                remember_me:
                    #token_provider: entity_crmusers
                    key: someS3cretKey
                    name: NameOfTheCookie
                    lifetime: 3600 # in seconds
                    secure: false
                    httponly: true
                    always_remember_me: false
                    remember_me_parameter: _remember_me
access_control:
    members_login:
        path: /searchers/login
        roles: IS_AUTHENTICATED_ANONYMOUSLY
    members_register:
        path: /searchers/register
        roles: IS_AUTHENTICATED_ANONYMOUSLY
    members_area:
        path: /searchers/.*
        roles: ROLE_USER

    crm_login:
        path: /crm/login
        roles: IS_AUTHENTICATED_ANONYMOUSLY
    crm_register:
        path: /crm/register
        roles: IS_AUTHENTICATED_ANONYMOUSLY
    crm_area:
        path: /crm/.*
        roles: ROLE_CRM

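So when the user is in the secured area, I can see that he is logged in, but when he goes back to the home page or the mysite.com/about page, I can't tell whether he is logged in...

Is there a way to know?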

4

3 Answers

0

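You can only get a valid user under a secured area (determined by the pattern). So everything that does not match the given pattern is not under the firewall and has no user token. You can change this by securing the whole site and using new access rules: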

firewalls:
    crm_secured_area:
        pattern: ^/crm/
        # ... stuff
    members_secured_area:
        pattern: ^/
        anonymous: ~
        # ... all other config

access_control:
    # ... all your existing access rules
    - { path: ^/, role: IS_AUTHENTICATED_ANONYMOUSLY }

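The last rule allows anonymous access to all routes that have not yet matched any rule, and you can access the user token (if authenticated) in all controllers.

answered 2013-07-02T14:40:17.717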
0

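In a controller, you can get the user with $this->getUser(). When the user is logged in, it returns an instance of the User class, otherwise it returns NULL, so you can do the following: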

$user = $this->getUser();

$is_logged = isset($user);

$is_logged is a boolean: true if the user is logged in, false otherwise.

answered 2013-07-02T12:35:17.893
0

Found this solution: just put ^/(?!crm) in the pattern for the main site, which means not including the crm folder.

firewalls:
    members_secured_area:
            pattern: ^/(?!crm)
            provider: entity_searchers
            anonymous: ~
            form_login:
                check_path: /searchers/login_check
                login_path: /searchers/login
                default_target_path: /searchers/
            logout:
                path:   /searchers/logout
                target: /searchers/login

    crm_secured_area:
            pattern: ^/crm/
            provider: entity_crmusers
            anonymous: ~
            form_login:
                check_path: /crm/login_check
                login_path: /crm/login
                default_target_path: /crm/customers
            logout:
                path:   /crm/logout
                target: /crm/login
            remember_me:
                #token_provider: entity_crmusers
                key: someS3cretKey
                name: NameOfTheCookie
                lifetime: 3600 # in seconds
                secure: false
                httponly: true
                always_remember_me: false
                remember_me_parameter: _remember_me
answered 2013-07-02T21:30:25.987
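
The firewall selection that the first and third answers rely on, as an added example that is not part of the original posts and is not Symfony's own code. It assumes the first firewall whose pattern regex matches the request path is the one used; `matchFirewall()` and the sample paths are constructed for illustration.

```php
<?php
// Added illustration, not Symfony source: return the first firewall whose
// pattern matches the request path (assumption: first match wins).

/** Returns the name of the first firewall matching $path, or null. */
function matchFirewall(array $firewalls, string $path): ?string
{
    foreach ($firewalls as $name => $pattern) {
        // '{' ... '}' as regex delimiters so '/' in the pattern needs no escaping.
        if (preg_match('{' . $pattern . '}', rawurldecode($path)) === 1) {
            return $name;
        }
    }
    return null; // outside every firewall: no user token (see the first answer)
}

// Firewall names and patterns as they appear on the page, in their listed order.
$configs = [
    'question (^/ listed first)' => [
        'members_secured_area' => '^/',
        'crm_secured_area'     => '^/crm/',
    ],
    'answer 1 (crm listed first)' => [
        'crm_secured_area'     => '^/crm/',
        'members_secured_area' => '^/',
    ],
    'answer 3 (negative lookahead)' => [
        'members_secured_area' => '^/(?!crm)',
        'crm_secured_area'     => '^/crm/',
    ],
];

// Constructed sample paths; /crm and /crm-report are edge cases not from the page.
$paths = ['/', '/about', '/searchers/', '/crm/customers', '/crm', '/crm-report'];

foreach ($configs as $label => $firewalls) {
    echo $label, PHP_EOL;
    foreach ($paths as $path) {
        $hit = matchFirewall($firewalls, $path) ?? '(none)';
        printf("  %-16s -> %s%s", $path, $hit, PHP_EOL);
    }
}
```

With the order from the question, /crm/customers is claimed by members_secured_area because ^/ is tested first. With the ^/(?!crm) pattern, /crm (no trailing slash) and /crm-report match neither firewall, so any route with such a path would have no user token.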