我使用 SecurityServiceProvider 和自己编写的用户提供者,完全按照官方文档在我的 Silex 项目中实现了登录。
我可以登录,也可以注销,但注销之后,除非手动删除 PHPSESSID,否则无法再次登录。有什么想法吗?
以下是配置:
// Register Silex's security provider; the two settings below configure it.
$app->register(new Silex\Provider\SecurityServiceProvider());

$app['security.firewalls'] = array(
    // A single firewall, named "website".
    'website' => array(
        // Visitors who have not logged in are admitted as anonymous users;
        // which paths actually require a role is decided by the access rules.
        'anonymous' => true,
        // '^/' matches every path, so /login, /login_check and /logout all
        // fall inside this firewall.
        'pattern' => '^/',
        'form' => array(
            'login_path' => '/login',
            'check_path' => '/login_check',
        ),
        // Shared service definition: the closure builds the user provider
        // from the application container.
        'users' => $app->share(function () use ($app) {
            return new \Project\Provider\UserProvider($app);
        }),
        // The firewall's logout handling is bound to this path. The answer on
        // this page traces the "cannot log in again" symptom to a redefined
        // logout controller, not to this configuration.
        'logout' => array(
            'logout_path' => '/logout',
        ),
    ),
);

// Each rule is (path regex, required role).
// NOTE(review): the provider shown on this page assigns only ROLE_USER in
// loadUserByUsername(), so nothing visible here can satisfy the ^/admin
// rule - confirm where ROLE_ADMIN is granted (or whether a role hierarchy
// is configured elsewhere).
$app['security.access_rules'] = array(
    array('^/private', 'ROLE_USER'),
    array('^/admin', 'ROLE_ADMIN'),
);
现在我的提供者类:
namespace Project\Provider;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Project\Security\User;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Silex\Application;
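/**
 * User provider that loads Project\Security\User objects from the "user"
 * table through the connection registered as $app['db'].
 */
class UserProvider implements UserProviderInterface
{
    /** @var Application Container passed to the constructor; not read by the methods below. */
    private $app;

    /** @var mixed Connection object taken from $app['db']. */
    private $conn;

    /**
     * @param Application $app Application container that exposes the 'db' service
     */
    public function __construct(Application $app)
    {
        $this->app = $app;
        $this->conn = $app['db'];
    }

    /**
     * Looks a user up by e-mail address.
     *
     * The lookup value is lower-cased and passed as a bound parameter, so it
     * is never concatenated into the SQL text.
     *
     * @param string $username E-mail address to look up
     *
     * @return User
     *
     * @throws UsernameNotFoundException When no row matches or the account is not enabled
     */
    public function loadUserByUsername($username)
    {
        $stmt = $this->conn->executeQuery(
            'SELECT * FROM user WHERE email = ?',
            array(strtolower($username))
        );

        $user = $stmt->fetch();
        if (!$user) {
            // NOTE(review): the message echoes the submitted value; escape it
            // wherever authentication errors are rendered.
            throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
        }

        // Loose comparison kept as in the original; the column may arrive as
        // the string '0' depending on the driver - TODO confirm.
        if ($user['enabled'] == 0) {
            // NOTE(review): this text tells an unauthenticated caller that the
            // address exists but is not validated. Check that it is not shown
            // verbatim on the login form if account enumeration is a concern.
            throw new UsernameNotFoundException('Account not validated.');
        }

        // Every loaded user receives ROLE_USER only; no other role is
        // assigned in this class.
        $userApp = new User($user['email'], $user['password'], $user['id'], array('ROLE_USER'));

        // NOTE(review): the whole row, password column included, is attached
        // to the user object. If that object ends up in the session (the
        // usual behaviour of the security component - confirm), consider
        // keeping only the fields the application needs.
        $userApp->setExtra($user);

        return $userApp;
    }

    /**
     * Reloads the user from the database using its stored username.
     *
     * @param UserInterface $user User object to refresh
     *
     * @return User
     *
     * @throws UnsupportedUserException  When $user is not a Project\Security\User
     * @throws UsernameNotFoundException When the account no longer exists or is not enabled
     */
    public function refreshUser(UserInterface $user)
    {
        if (!$user instanceof User) {
            throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
        }

        return $this->loadUserByUsername($user->getUsername());
    }

    /**
     * Tells whether this provider handles the given user class.
     *
     * Class names produced by get_class() carry no leading backslash, so the
     * original comparison against '\Project\Security\User' could never match
     * such a name. The argument is normalised first, and subclasses are
     * accepted to stay consistent with the instanceof check in refreshUser().
     *
     * @param string $class Fully qualified class name
     *
     * @return bool
     */
    public function supportsClass($class)
    {
        $class = ltrim($class, '\\');

        return $class === 'Project\Security\User'
            || is_subclass_of($class, 'Project\Security\User');
    }
}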
现在我的用户类:
namespace Project\Security;
use Symfony\Component\Security\Core\User\AdvancedUserInterface;
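/**
 * Security user carrying an id and an optional array of extra member fields
 * in addition to the usual account-status flags.
 */
class User implements AdvancedUserInterface
{
    private $username;
    private $password;
    private $id;
    private $enabled;
    private $accountNonExpired;
    private $credentialsNonExpired;
    private $accountNonLocked;
    private $roles;
    // Extra member fields set through setExtra(); stays null until then.
    private $extra;

    /**
     * @param string $username              Login name; must not be empty
     * @param string $password              Password value returned by getPassword()
     * @param mixed  $id                    Member identifier; must not be empty
     * @param array  $roles                 Roles returned by getRoles()
     * @param bool   $enabled               Value returned by isEnabled()
     * @param bool   $userNonExpired        Value returned by isAccountNonExpired()
     * @param bool   $credentialsNonExpired Value returned by isCredentialsNonExpired()
     * @param bool   $userNonLocked         Value returned by isAccountNonLocked()
     *
     * @throws \InvalidArgumentException When $username or $id is empty
     */
    public function __construct($username, $password, $id, array $roles = array(), $enabled = true, $userNonExpired = true, $credentialsNonExpired = true, $userNonLocked = true)
    {
        // empty() also rejects '0' and 0, not only null and ''.
        if (empty($username)) {
            throw new \InvalidArgumentException('The username cannot be empty.');
        }

        if (empty($id)) {
            throw new \InvalidArgumentException('The id cannot be empty.');
        }

        $this->username = $username;
        $this->password = $password;
        $this->id = $id;
        $this->enabled = $enabled;
        $this->accountNonExpired = $userNonExpired;
        $this->credentialsNonExpired = $credentialsNonExpired;
        $this->accountNonLocked = $userNonLocked;
        $this->roles = $roles;
    }

    /**
     * {@inheritdoc}
     */
    public function getRoles()
    {
        return $this->roles;
    }

    /**
     * {@inheritdoc}
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * {@inheritdoc}
     *
     * Always null: this class supplies no separate salt.
     * NOTE(review): confirm the configured password encoder does not expect one.
     */
    public function getSalt()
    {
        return null;
    }

    /**
     * {@inheritdoc}
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * @return mixed Member id passed to the constructor
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * {@inheritdoc}
     */
    public function isAccountNonExpired()
    {
        return $this->accountNonExpired;
    }

    /**
     * {@inheritdoc}
     */
    public function isAccountNonLocked()
    {
        return $this->accountNonLocked;
    }

    /**
     * {@inheritdoc}
     */
    public function isCredentialsNonExpired()
    {
        return $this->credentialsNonExpired;
    }

    /**
     * {@inheritdoc}
     */
    public function isEnabled()
    {
        return $this->enabled;
    }

    /**
     * {@inheritdoc}
     *
     * Intentionally a no-op: nothing is cleared, so the password value and
     * any extra fields stay on the object.
     */
    public function eraseCredentials()
    {
    }

    /**
     * Stores an array of member fields (described by the author as
     * pau_member fields).
     *
     * @param array $member
     */
    public function setExtra($member)
    {
        $this->extra = $member;
    }

    /**
     * Returns one extra field of the current member, or all of them.
     *
     * @param string|null $field Field name; null returns the whole array
     *
     * @return mixed Field value, null when the field is absent or no extra
     *               data was set, or the whole array when $field is null
     */
    public function getExtra($field = null)
    {
        if (is_null($field)) {
            return $this->extra;
        }

        // Guard the lookup so an unknown field (or extra data that was never
        // set) yields null without an undefined-index notice.
        return isset($this->extra[$field]) ? $this->extra[$field] : null;
    }
}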
答案 0 :(得分:0)
问题是我重新定义了注销控制器。