我想通过使用 FOSUserBundle 登录来保护整个站点。我试图像这样设置security.yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
fos_userbundle:
id: fos_user.user_manager
firewalls:
main:
pattern: ^/
form_login:
check_path: /login_check
login_path: /login
provider: fos_userbundle
always_use_default_target_path: true
default_target_path: /dashboard
logout:
path: /logout
target: /
anonymous: ~
#http_basic:
# realm: "Secured Demo Area"
access_control:
- { path: ^/demo/secured/hello/admin/, roles: ROLE_ADMIN }
#- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
但后来我不知道在 config.yml 中设置什么这是我的 config.yml
imports:
- { resource: parameters.yml }
- { resource: security.yml }
framework:
#esi: ~
translator: ~
secret: %secret%
router:
resource: "%kernel.root_dir%/config/routing.yml"
strict_requirements: ~
form: ~
csrf_protection: ~
validation: { enable_annotations: true }
templating:
engines: ['twig']
#assets_version: SomeVersionScheme
default_locale: "%locale%"
trusted_proxies: ~
session: ~
fragments: ~
http_method_override: true
# Twig Configuration
twig:
debug: %kernel.debug%
strict_variables: %kernel.debug%
# Assetic Configuration
assetic:
debug: %kernel.debug%
use_controller: false
bundles: [ ]
#java: /usr/bin/java
filters:
cssrewrite: ~
#closure:
# jar: %kernel.root_dir%/Resources/java/compiler.jar
#yui_css:
# jar: %kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar
# Doctrine Configuration
doctrine:
dbal:
driver: %database_driver%
host: %database_host%
port: %database_port%
dbname: %database_name%
user: %database_user%
password: %database_password%
charset: UTF8
# if using pdo_sqlite as your database driver, add the path in parameters.yml
# e.g. database_path: %kernel.root_dir%/data/data.db3
# path: %database_path%
orm:
auto_generate_proxy_classes: %kernel.debug%
auto_mapping: true
# Swiftmailer Configuration
swiftmailer:
transport: %mailer_transport%
host: %mailer_host%
username: %mailer_user%
password: %mailer_password%
spool: { type: memory }
fos_user:
db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
firewall_name: main
user_class: Dashboard\UserBundle\Entity\User
这是我的控制器
<?php
namespace Proposals\ProposalsBundle\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Proposals\ProposalsBundle\Entity\Proposals;
use Proposals\ProposalsBundle\Form\ProposalsType;
/**
* Proposals controller.
*
*/
class ProposalsController extends Controller
{
/**
* Lists all Proposals entities.
*
*/
public function indexAction()
{
$em = $this->getDoctrine()->getManager();
$entities = $em->getRepository('ProposalsProposalsBundle:Proposals')->findAll();
return $this->render('ProposalsProposalsBundle:Proposals:index.html.twig', array(
'entities' => $entities,
));
}
当我打开任何页面时,它不会检查任何一个用户是否登录。我希望每个页面都通过登录来保护,如果用户登录,然后每个页面打开,如果用户没有登录,那么页面不显示或重定向到登录。任何帮助 appriciated