4

我想通过使用 FOSUserBundle 登录来保护整个站点。我试图像这样设置security.yml

security:
encoders:
    Symfony\Component\Security\Core\User\User: plaintext
    FOS\UserBundle\Model\UserInterface: sha512

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
    fos_userbundle:
        id: fos_user.user_manager

firewalls:
    main:
        pattern:    ^/
        form_login:
            check_path: /login_check
            login_path: /login
            provider: fos_userbundle
            always_use_default_target_path: true
            default_target_path: /dashboard
        logout:
            path:   /logout
            target: /
        anonymous: ~
        #http_basic:
        #    realm: "Secured Demo Area"

access_control:
    - { path: ^/demo/secured/hello/admin/, roles: ROLE_ADMIN }
    #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }

但后来我不知道在 config.yml 中设置什么这是我的 config.yml

 imports:
- { resource: parameters.yml }
- { resource: security.yml }

framework:
#esi:             ~
translator:       ~
secret:          %secret%
router:
    resource: "%kernel.root_dir%/config/routing.yml"
    strict_requirements: ~
form:            ~
csrf_protection: ~
validation:      { enable_annotations: true }
templating:
    engines: ['twig']
    #assets_version: SomeVersionScheme
default_locale:  "%locale%"
trusted_proxies: ~
session:         ~
fragments:       ~
http_method_override: true

# Twig Configuration
twig:
debug:            %kernel.debug%
strict_variables: %kernel.debug%

# Assetic Configuration
assetic:
debug:          %kernel.debug%
use_controller: false
bundles:        [ ]
#java: /usr/bin/java
filters:
    cssrewrite: ~
    #closure:
    #    jar: %kernel.root_dir%/Resources/java/compiler.jar
    #yui_css:
    #    jar: %kernel.root_dir%/Resources/java/yuicompressor-2.4.7.jar

# Doctrine Configuration
doctrine:
dbal:
    driver:   %database_driver%
    host:     %database_host%
    port:     %database_port%
    dbname:   %database_name%
    user:     %database_user%
    password: %database_password%
    charset:  UTF8
    # if using pdo_sqlite as your database driver, add the path in parameters.yml
    # e.g. database_path: %kernel.root_dir%/data/data.db3
    # path:     %database_path%

orm:
    auto_generate_proxy_classes: %kernel.debug%
    auto_mapping: true

# Swiftmailer Configuration
swiftmailer:
transport: %mailer_transport%
host:      %mailer_host%
username:  %mailer_user%
password:  %mailer_password%
spool:     { type: memory }
fos_user:
db_driver: orm # other valid values are 'mongodb', 'couchdb' and 'propel'
firewall_name: main
user_class: Dashboard\UserBundle\Entity\User

这是我的控制器

<?php

namespace Proposals\ProposalsBundle\Controller;

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;

use Proposals\ProposalsBundle\Entity\Proposals;
use Proposals\ProposalsBundle\Form\ProposalsType;

/**
* Proposals controller.
*
*/
class ProposalsController extends Controller
{

/**
 * Lists all Proposals entities.
 *
 */
public function indexAction()
{
    $em = $this->getDoctrine()->getManager();

    $entities = $em->getRepository('ProposalsProposalsBundle:Proposals')->findAll();

    return $this->render('ProposalsProposalsBundle:Proposals:index.html.twig', array(
        'entities' => $entities,
    ));
}

当我打开任何页面时,它不会检查任何一个用户是否登录。我希望每个页面都通过登录来保护,如果用户登录,然后每个页面打开,如果用户没有登录,那么页面不显示或重定向到登录。任何帮助 appriciated

4

2 回答 2

17

每次都一样,没有人关注文档。韦恩。但是对于您的垃圾邮件,您不应该得到答案,但这是不公平的^^

security:
    firewalls:
        main:
            pattern: ^/
            # other settings
            anonymous:    true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ROLE_USER }
于 2013-08-23T06:33:30.330 回答
2

要移动到此 URL localhost/QuickBacklog/web/app_dev.php/dashboard
,您必须在 security.yml 中添加这样的内容

firewalls:
        main:
            pattern:    ^/
            form_login:
                provider:             fos_userbundle
                default_target_path:  /dashboard/                
            logout:     
                ........
                invalidate_session: false
            anonymous: ~

在路由文件中

applicationlogin_success:
  pattern: /dashboard/
  defaults: { _controller: SampleBundle:Default:FrontPage }

通过使用default_target_path :ROUTING_PATTERN
你将重定向它...

于 2013-08-31T06:15:31.797 回答