0

我正在使用 symfony2 为移动应用程序构建 api。我已经设置 FOSAuthServerBundle 并正确配置它。

http://blog.tankist.de/blog/2013/07/18/oauth2-explained-part-3-using-oauth2-with-your-bare-hands/

我还可以使用客户端凭据生成一个 tokan。我还可以将用户重定向到 Outh 登录页面。我被身份验证和授权部分困住了。作为当前网站作为其自己的实体成员作为网站用户。有人可以发布一些使用 FOSAuth 的身份验证和授权过程示例吗?我是symfony的新手。

任何帮助将不胜感激。

4

1 回答 1

0

我刚刚为 post api 做了自定义登录操作。我没有使用任何 3rd 方捆绑包进行后 api 授权。但是,我在我的项目中使用了以下 3rd 方包来提供 rest api,我只是在这里分享了我的自定义登录操作,它可能会对你有所帮助。我使用过以下捆绑包:JMSSerializerBundle、FOSRestBundle、NelmioApiDocBundle、NelmioCorsBundle、FOSUserBundle

 <?php
    namespace Yoursite\ApiBundle\Controller;

    use FOS\RestBundle\View\View;
    use Nelmio\ApiDocBundle\Annotation\ApiDoc;
    use FOS\UserBundle\FOSUserEvents;
    use Symfony\Component\HttpFoundation\Request;

    class UserApiController extends Controller
    {

    /**
     * Response header status code
     *
     * @var int
     */
    private $statusCode = 200;

    /**
     * This action is used for user signin through api
     *
     * @ApiDoc(
     *  resource=true,
     *  description="User Post action for signin"
     * )
     *
     * @param $request
     * @return View view instance
     */
    public function postAuthSigninAction(Request $request) {
        $responseArr= array();
        $view = new View();
        $this->statusCode = 200;
        $userData = json_decode($request->getContent(), true);

        $email = $userData['email'];
        $password = $userData['password'];

        $um = $this->get('fos_user.user_manager');
        $user = $um->findUserByUsernameOrEmail($email);

        if (!$user instanceof \YourSite\UserBundle\Entity\User) {
            $responseArr['meta']['error'] = "The email address or password is incorrect.";
            $this->statusCode = 401;
            return $view->create($responseArr, $this->statusCode);
        }

        $encoder_service = $this->get('security.encoder_factory');
        $encoder = $encoder_service->getEncoder($user);
        $encoded_pass = $encoder->encodePassword($password, $user->getSalt());

        if ($encoded_pass != $user->getPassword()) {
            $responseArr['meta']['error'] = "The email address or password is incorrect.";
            $this->statusCode = 401;
            return $view->create($responseArr, $this->statusCode);
        }

        $user->setToken(md5($password.time()));
        $this->getDoctrine()->getManager()->persist($user);
        $this->getDoctrine()->getManager()->flush();
        $responseArr['data'] = $user;
        return $view->create($responseArr, $this->statusCode);
    }
    }
    ?>
于 2015-03-04T08:24:58.840 回答