如何在出错错误凭据时避免将FOSUserBundle重定向到/ login

时间:2015-01-22 23:13:29

标签: php symfony authentication login fosuserbundle

在我的应用程序中,登录框已集成到我当前页面中。除非用户在用户名/密码关联中出错,否则它可以正常工作。

然后登录页面呈现,这个页面没有集成到我的网站中(虽然我想在登录框中添加错误消息,例如“ bad credential ”到布局中)。

我怎么能这样做,以便在currrent页面上提供坏的凭证?我不想被重定向到www.myWebSite / login,而是被重定向到用户可以登录的收件箱的当前页面。

在我的代码中,我只是覆盖了“ login.html.twig ”,因此它不会扩展任何布局,并且可以集成到我当前的页面中( Layout.html.twig )简单:

  {{ render(controller("FOSUserBundle:Security:login"))   }}

3 个答案:

答案 0 :(得分:1)

请检查 app / config 下的 security.yml 文件。

查找此代码:

form_login:
    provider:               fos_userbundle
    login_path:             fos_user_security_login

根据需要更改 login_path , 例如:

login_path:    /

答案 1 :(得分:0)

您可以捕获错误并显示您的观点:

控制器示例:

public function loginAction()
    {
        $request = $this->getRequest();
        $session = $request->getSession();

        // get the login error if there is one
        if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
            $error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
        } else {
            $error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
            $session->remove(SecurityContext::AUTHENTICATION_ERROR);
        }

        return $this->render('your_bundle:login.html.twig', array(
            // last username entered by the user
            'last_username' => $session->get(SecurityContext::LAST_USERNAME),
            'error'         => $error,
        ));
    }

然后在你的视图中显示:

{{ error.message }

如果您的意思是在FOSUserBundle中修改login.html.twig,则必须添加:

{% block fos_user_content %}
{% if error %}
<div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
{% endif %}

https://github.com/FriendsOfSymfony/FOSUserBundle/blob/master/Resources/views/Security/login.html.twig#L7

答案 2 :(得分:0)

您可以使用ajax进行身份验证或收听登录失败事件

services.yml 

login_failure_handler:
    class:  'App\UserBundle\Handler\LoginFailureHandler'
    arguments:  [ '@router', '@security.context' ]
    tags:
        - { name: 'monolog.logger', channel: 'security' }

LoginFailureHandler.php 

class LoginFailureHandler implements AuthenticationFailureHandlerInterface
{

    /** @var \Symfony\Component\Routing\Router */
    protected $router;

    /** @var \Symfony\Component\Security\Core\SecurityContext */
    protected $security;

    /**
     * @param Router $router
     * @param SecurityContext $security
     */
    public function __construct(Router $router, SecurityContext $security) {
        $this->router = $router;
        $this->security = $security;
    }

    /**
     * This is called when an interactive authentication attempt fails. This is
     * called by authentication listeners inheriting from
     * AbstractAuthenticationListener.
     *
     * @param Request $request
     * @param AuthenticationException $exception
     *
     * @return Response The response to return, never null
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        // if AJAX login
        if ( $request->isXmlHttpRequest() ) {

            $array = array( 'success' => false, 'message' => $exception->getMessage() ); // data to return via JSON
            $response = new Response( json_encode( $array ) );
            $response->headers->set( 'Content-Type', 'application/json' );

            return $response;

            // if form login
        } else {

            // set authentication exception to session
            $request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, $exception);

            return new RedirectResponse( $this->router->generate( 'your_route' ) );
        }
    }


}
相关问题
最新问题