我正在与fos userBundle一起使用Symfony,我想防止身份验证的用户访问登录,注册或密码重置页面。任何访问这些页面的尝试都应将重定向到主页。
我已经读到,您可以复制控制器以进行这些更改,但这意味着在有更新并再次应用这些更改时手动更新该复制的代码,而不是理想的。
也有可能使用事件订户。这是我的实现,用于防止注册表格,但是我仍然可以访问重置页面和登录页面。
use FOSUserBundleEventGetResponseUserEvent;
use FOSUserBundleFOSUserEvents;
use SymfonyComponentSecurityHttpSecurityEvents;
use SymfonyComponentSecurityHttpEventInteractiveLoginEvent;
use SymfonyComponentEventDispatcherEventSubscriberInterface;
use SymfonyComponentHttpFoundationRedirectResponse;
use SymfonyComponentSecurityCoreAuthenticationTokenStorageTokenStorage;
use SymfonyBundleFrameworkBundleRoutingRouter;
class FOSUserSubscriber implements EventSubscriberInterface
{
/**
* @var Router
*/
protected $router;
/**
* @var TokenStorage
*/
private $tokenStorage;
public function __construct(Router $router, TokenStorage $tokenStorage)
{
$this->router = $router;
$this->tokenStorage = $tokenStorage;
}
public static function getSubscribedEvents()
{
return array(
FOSUserEvents::REGISTRATION_INITIALIZE => 'forwardToRouteIfUser',
FOSUserEvents::RESETTING_RESET_REQUEST => 'forwardToRouteIfUser',
FOSUserEvents::RESETTING_RESET_INITIALIZE => 'forwardToRouteIfUser', //['forwardToRouteIfUser',-100]
FOSUserEvents::RESETTING_RESET_SUCCESS => 'forwardToRouteIfUser',
FOSUserEvents::RESETTING_RESET_COMPLETED => 'forwardToRouteIfUser',
);
}
public function forwardToRouteIfUser(GetResponseUserEvent $event)
{
if (!$this->tokenStorage->getToken()->isAuthenticated()) {
return;
}
$url = $this->router->generate('home');
$response = new RedirectResponse($url);
$event->setResponse($response);
}
}
service.yml
FooBarBundleEventListenersFOSUserSubscriber:
arguments: ['@router','@security.token_storage']
tags:
- { name: kernel.event_subscriber }
如果使用控制器确实是这样做的唯一方法,请提供一个示例,不涉及复制大量代码。
版本:
"friendsofsymfony/user-bundle": "^2.0",
"symfony/symfony": "3.4.*",
您实际上可以覆盖fosuserbundle Controller,而无需在有新版本的FosuserBundle时手动更新它们,并使用return parent::loginAction($request);
这是SecurityController
的示例,以防止已经登录的用户访问登录页面:
// src/UserBundle/Controller/SecurityController.php
namespace UserBundleController;
use FOSUserBundleControllerSecurityController as BaseController;
use SymfonyComponentHttpFoundationRedirectResponse;
use SymfonyComponentHttpFoundationRequest;
use SymfonyComponentHttpFoundationResponse;
/**
* Controller managing the login (extends FOSUserBundle SecurityController)
*/
class SecurityController extends BaseController
{
/**
* Customize the login action, to redirect already logged in users
* to the homepage
*
* @param Request $request
* @return Response
*/
public function loginAction(Request $request)
{
/* If the user is already logged in, redirect him to the homepage */
if ($this->get(Services::SECURITY_AUTHORIZATION_CHECKER)->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
/* Redirect the user to the homepage */
return new RedirectResponse($this->generateUrl('homepage'));
}
/* Call the parent method */
return parent::loginAction($request);
}
}
您可以将其应用于RegistrationController
和ResettingController
。