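How do I force a user to log out when the session expires?

Time: 2013-03-20 02:24:52

Tags: symfony

I am trying to force the user to be logged out when the session expires, but I cannot access the session time.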

namespace mio\mioBundle;

use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Bundle\FrameworkBundle\Routing\Router;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\SecurityContext;
use Symfony\Component\HttpFoundation\Request;

class RequestListener{

    protected $router;
    protected $security;  

    public function __construct(RouterInterface $router, SecurityContext $security)
    {
        $this->router = $router;
        $this->security = $security;
    }

    public function onKernelRequest(GetResponseEvent $event)
    {
        echo $event->getRequest()->getSession()->('timeout');
    }
}

Hello, here is my security.yml configuration file.

security:

    firewalls:
        frontend:
            pattern:  ^/
            anonymous: ~
            form_login:
                login_path: /login
                check_path: /login_check
                default_target_path: /index
                success_handler: authentication_handler
            logout:
                path: /logout
                target: /login
                success_handler: authentication_handler
            security: true
            remember_me:
                key:      loksea
                lifetime: 1800
                path:     /
            access_denied_handler: accessdenied_handler
          # anonymous users must come first, otherwise you get a redirect loop
    access_control:
        - { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/pruebita, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/js, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin, roles: ROLE_A }
        - { path: ^/nuevoinforme, roles: ROLE_M }
        - { path: ^/, roles: IS_AUTHENTICATED_REMEMBERED }

    providers:
        user_db:
            entity: { class: mio\mioBundle\Entity\Empleado, property: username }
    role_hierarchy:
        ROLE_M: ROLE_U
        ROLE_A: ROLE_U

    encoders:
        mio\mioBundle\Entity\Empleado: { algorithm: sha1 }
        Symfony\Component\Security\Core\User\User: plaintext

When the session ends, it asks me to log in again, but the user is not logged out. I have a listener that records the logout, like this:

 public function onLogoutSuccess(Request $request){
        $empleado =  $this->security->getToken()->getUser();
        $log = new Log();
        $log->setFechalog(new \DateTime('now'));
        $log->setTipo("Salida");
        $log->setEmpleado($empleado);
        $this->em->persist($log);
        $this->em->flush();
}

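Will this method be called when the session ends? Thanks.

3 answers:

Answer 0 (score: 0)

Tell me if I'm right: you need the "onLogoutSuccess" method to run when the user logs out? So the logout process itself works fine, right?

To log out explicitly, have you tried the "clear()" method of the session object?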

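Answer 1 (score: 0)

I had the same problem, but I managed to create a listener that throws a CredentialsExpiredException when the user reaches the maximum idle time.
Users who have been idle for too long are redirected to the login/logout page (in your case, judging by your logout target, that is "/login").
This is how I solved the problem: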

namespace mio\mioBundle;

use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\DependencyInjection\Container;
use Symfony\Component\Security\Core\Exception\CredentialsExpiredException;

class RequestListener{

    protected $container;  

    public function __construct(Container $container)
    {
        $this->container = $container;
    }

    public function onKernelRequest(GetResponseEvent $event)
    {
        $session = $this->container->get('session');
        $maxTime = 5*60; //5 minutes is the maximum lifetime

        // Get the current idle time and compare it with the max allowed time
        if (time() - $session->getMetadataBag()->getLastUsed() > $maxTime) {
            //Invalidate the current session and throw an exception
            $session->invalidate();
            throw new CredentialsExpiredException();
        }
    }
}

That should be it. If you have any other questions, let us know!
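
An added example, not part of any answer in this thread and not Symfony's own code: a variant of the idle-time listener above that redirects an idle user to the firewall's `/logout` path from the question's security.yml instead of invalidating the session itself, so the firewall's logout handling (where the question's `onLogoutSuccess` is called and the remember_me cookie is cancelled) still sees the user's token. It assumes Symfony 2.1 or later; the class name `IdleLogoutListener`, its constructor arguments and the 300-second default are hypothetical.

```php
<?php
namespace mio\mioBundle;

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\HttpKernelInterface;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\Security\Core\SecurityContext;

// Hypothetical class: name, constructor arguments and defaults are assumptions.
class IdleLogoutListener
{
    private $security;
    private $maxIdle;    // allowed idle time in seconds
    private $logoutPath; // firewall logout path from the question's security.yml

    public function __construct(SecurityContext $security, $maxIdle = 300, $logoutPath = '/logout')
    {
        $this->security = $security;
        $this->maxIdle = $maxIdle;
        $this->logoutPath = $logoutPath;
    }

    public function onKernelRequest(GetResponseEvent $event)
    {
        $request = $event->getRequest();
        // Check once per HTTP request, never on /logout itself (redirect loop),
        // and only when the browser sent a session cookie.
        if ($event->getRequestType() !== HttpKernelInterface::MASTER_REQUEST
            || $request->getPathInfo() === $this->logoutPath
            || !$request->hasPreviousSession()) {
            return;
        }
        // Anonymous visitors have no login to expire; isGranted() throws on a null token.
        if ($this->security->getToken() === null
            || !$this->security->isGranted('IS_AUTHENTICATED_REMEMBERED')) {
            return;
        }
        // getLastUsed() is the time of the previous request in this session;
        // it is empty if the session has not been started yet.
        $lastUsed = $request->getSession()->getMetadataBag()->getLastUsed();
        if ($lastUsed && (time() - $lastUsed) > $this->maxIdle) {
            // Do not invalidate here: the token must still exist when the
            // firewall's logout listener calls the logout success handler.
            $event->setResponse(new RedirectResponse($request->getBaseUrl() . $this->logoutPath));
        }
    }
}
```

The listener has to be registered for `kernel.request` at a priority lower than the firewall's, so that the token is already loaded when it runs.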

Answer 2 (score: -2)

You need to configure this behavior in the security.yml configuration file, and it should work automatically.