我正在使用Silex构建一个api,我要求最终用户通过基本身份验证http标头标签发送凭据。我想创建自定义身份验证失败处理程序
我试过这个,但没有用。错误函数永远不会被触发
$app['security.authentication.failure_handler.auth'] = function ($app) {
return new AuthFailureHandler($app);
};
$app->register(new SecurityServiceProvider(), array(
'security.firewalls' => array(
'foo' => array('pattern' => '^/foo'), // Example of an url available as anonymous user
'default' => array(
'pattern' => '^.*$',
'http' => true,
'users' => function () use ($app) {
return new UserProvider(new UserRepository($app['db']));
},
),
),
'security.access_rules' => array(
// You can rename ROLE_USER as you wish
array('^/.+$', UserRole::USER),
array('^/foo$', ''), // This url is available as anonymous user
),
));
这是错误处理程序类
use SymfonyComponentHttpFoundationRequest;
use SymfonyComponentSecurityCoreExceptionAuthenticationException;
use SymfonyComponentSecurityHttpAuthenticationAuthenticationFailureHandlerInterface;
class AuthFailureHandler implements AuthenticationFailureHandlerInterface
{
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
return new JsonResponse(array(
'type' => 'error',
'message' => 'Incorrect username or password.',
));
}
}
您正在为身份验证防火墙定义此处理程序(.auth $app['security.authentication.failure_handler.auth'] (,但应该default,因为这是需要身份验证的处理程序。