我已经搜索了this topic,但它对我没有帮助。
注册后如何验证用户? 我的错误在哪里?
security.yml
security:
providers:
#chain_provider is used here to implement a multiple firewalls in future: admins, accounts ...
chain_provider:
chain:
providers: [admins,accounts]
admins:
entity: { class: FME\Bundle\_CoreBundle\Entity\Admin, property: username }
accounts:
entity: { class: FME\Bundle\_CoreBundle\Entity\Account, property: email }
encoders:
FME\Bundle\_CoreBundle\Entity\Admin: sha512
FME\Bundle\_CoreBundle\Entity\Account: sha512
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
#no firewall for the Login page
admin_area_login:
pattern: ^/admin/login$
security: false
admin_area:
pattern: ^/admin/
provider: admins
form_login:
check_path: fme_aa_login_handler
login_path: fme_aa_login
logout:
path: fme_aa_logout
target: fme_aa_login
#anonymous: ~
#http_basic:
# realm: "Secured Demo Area"
#no firewall for the Login page
account_area_login:
pattern: ^/account/login$
security: false
account_area:
pattern: ^/account/
provider: accounts
form_login:
check_path: fme_aca_login_handler
login_path: fme_aca_login
logout:
path: fme_aca_logout
target: fme_aca_login
注册控制器如下:
namespace FME\Bundle\FtdBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Symfony\Component\Security\Core\Authentication\Token\UsernamePasswordToken;
use FME\Bundle\_CoreBundle\Entity\Account;
use FME\Bundle\FtdBundle\Form\RegistrationType;
/**
* @Route("/registration")
*/
class RegistrationController extends Controller
{
/**
* Account registration
*
* @Route("/",name="fme_ftd_registration")
* @Template()
*/
public function indexAction(Request $request)
{
$account = new Account();
//set default role group
$account->setRoleGroup($this->getDoctrine()->getRepository('FMECoreBundle:AccountRoleGroup')->findDefault());
//default company type from the FMECoreBundle is used
$form = $this->createForm(new RegistrationType(), $account);
if ($request->isMethod('POST'))
{
$form->bind($request);
if ($form->isValid())
{
$encoder = $this->container->get('security.encoder_factory')->getEncoder($account);
//encode password using current encoder
$password = $encoder->encodePassword($form->get('password')->getData(), $account->getSalt());
//set encrypted password
$account->setPassword($password);
//save an object in the DB
$em = $this->getDoctrine()->getEntityManager();
$em->persist($account);
$em->flush();
//send the token to account via email
if (! $this->_sendVerificationToken($account))
{
$this->get('session')->setFlash('error',
$this->get('translator')->trans('Error sending the verification token.')
);
}
$this->get('session')->setFlash('success',
$this->get('translator')->trans('Your account was created. Please check you inbox to verify the email.')
);
//Automatic post-registration user authentication
$this->_authenticateAccount($account);
//redirect to home page in the account area
return $this->redirect($this->generateUrl('fme_aca_dashboard'));
}
}
return array('form' => $form->createView());
}
/**
* Send the token to verify an account email
*/
protected function _sendVerificationToken(Account $account)
{
return TRUE;
}
/**
* Automatic post-registration user authentication
*/
protected function _authenticateAccount(Account $account)
{
$token = new UsernamePasswordToken($account, null, 'account_area', $account->getRoles());
$this->get('security.context')->setToken($token);
}
}
答案 0 :(得分:7)
首先确保注册页面适合防火墙之一。为每个防火墙添加附加参数:
context: <string>
像这样:
account_area_login:
...
context: administration
admin_area:
...
context: administration
Context允许在不同防火墙之间共享身份验证cookie。因此,为了在注册后保持用户身份验证,注册页面的防火墙和其他防火墙应具有相同的上下文。