0

我有一个登录表单我想要做什么

这是我添加到控制器的登录操作中的内容

          $authChecker = $this->container-   >get('security.authorization_checker');
$router = $this->container->get('router');

if ($authChecker->isGranted('ROLE_ADMIN')) {
    return new RedirectResponse($router->generate('admin'), 307);
} 

if ($authChecker->isGranted('ROLE_USER')) {
    return new RedirectResponse($router->generate('voiture_new'), 307);
}

这是我的security.yml

    security:
encoders:
    FOS\UserBundle\Model\UserInterface: bcrypt

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: ROLE_ADMIN

providers:
    fos_userbundle:
        id: fos_user.user_provider.username_email

firewalls:
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_token_generator: security.csrf.token_manager
            always_use_default_target_path: false
            default_target_path:  /voiture/new
            check_path: fos_user_security_check

            # if you are using Symfony < 2.8, use the following config instead:
            # csrf_provider: form.csrf_provider

        logout:       true
        anonymous:    true

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/, role: ROLE_ADMIN }
    - { path: ^/marque/, role: ROLE_ADMIN }
    - { path: ^/modele/, role: ROLE_ADMIN }
    - { path: ^/user/, role: ROLE_ADMIN }
    - { path: ^/voiture/, role: ROLE_USER }
    - { path: ^/profile/, role: ROLE_USER }
    - { path: ^/interventions/, role: ROLE_USER }

但即使用户具有管理员角色,我总是会被重定向到 voiture_new 我错过了什么?

4

1 回答 1

0

您需要做的是创建Authenticator 类,然后告诉 symfony 在尝试进行身份验证时使用它。此类内部是一个方法onAuthenticationSuccess,您可以使用它来执行所有重定向。

例如security.yml在防火墙内,在这种情况下称为main。告诉它您要使用保护,然后提及在此示例中称为app.form_login_authenticator的服务

main:
    pattern: ^/
    http_basic: ~
    anonymous: ~
    logout:
        path: logout
    guard:
        authenticators:
            - app.form_login_authenticator
        # by default, use the start() function from FormLoginAuthenticator
        entry_point: app.form_login_authenticator

在您的内部services.yml确保列出此服务

app.form_login_authenticator:
        class: AppBundle\Security\FormLoginAuthenticator
        arguments: ["@service_container"]

然后这是类示例

class FormLoginAuthenticator extends AbstractFormLoginAuthenticator
{
    private $container;

    public function __construct(ContainerInterface $container)
    {
        $this->container = $container;
    }

    public function getCredentials(Request $request)
    {
        if ($request->getPathInfo() != '/login_check') {
            return;
        }

        $username = $request->request->get('_username');
        $request->getSession()->set(Security::LAST_USERNAME, $username);
        $password = $request->request->get('_password');

        return array(
            'username' => $username,
            'password' => $password
        );
    }

    public function getUser($credentials, UserProviderInterface $userProvider)
    {
        $username = $credentials['username'];    
        $userRepo = $this->container
            ->get('doctrine')
            ->getManager()
            ->getRepository('AppBundle:User');

        return $userRepo->findOneByUsername($username);
    }

    public function checkCredentials($credentials, UserInterface $user)
    {
        $plainPassword = $credentials['password'];
        $encoder = $this->container->get('security.password_encoder');
        if (!$encoder->isPasswordValid($user, $plainPassword)) {
            return false;
        }

        return true;
    }

    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        // AJAX! Maybe return some JSON
        if ($request->isXmlHttpRequest()) {
            return new JsonResponse(
            // you could translate the message
                array('message' => $exception->getMessageKey()),
                403
            );
        }

        // for non-AJAX requests, return the normal redirect
        return parent::onAuthenticationFailure($request, $exception);
    }

    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
    {
        //Perform your redirects here for example


        $response = '';
        if($this->container->get('security.authorization_checker')->isGranted('ROLE_ADMIN')){
            $response = $this->container->get('router')->generate('admin_dashboard');
        }

        if($this->container->get('security.authorization_checker')->isGranted('ROLE_USER')){
            $response = $this->container->get('router')->generate('user_dashboard');
        }

        return $response;
    }

    protected function getLoginUrl()
    {
        return $this->container->get('router')
            ->generate('login');
    }

}

希望这能让您走上正确的道路来实现您正在寻找的东西,

于 2017-04-17T05:23:45.010 回答