适用于多个提供商的路由 - Symfony2 Security

时间:2015-09-13 03:31:16

标签: symfony

我正在创建一个包含多个提供程序的安全性。一个用于sonata admin的提供程序和另一个用于自定义前端用户的提供程序

security:
encoders:
    FOS\UserBundle\Model\UserInterface: bcrypt

providers:
    fos_userbundle:
        id: fos_user.user_manager
    database_users:
        entity: { class: MyBundle:Users, property: username }
firewalls:
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false
    admin:
        pattern:            /admin(.*)
        context:            user
        form_login:
            provider:       fos_userbundle
            login_path:     /admin/login
            use_forward:    false
            check_path:     /admin/login_check
            failure_path:   null
        logout:
            path:           /admin/logout
        anonymous:          true
    main:
        pattern:      .*
        form-login:
            provider:       fos_userbundle
            login_path:     /login
            use_forward:    false
            check_path:     /login_check
            failure_path:   null
        logout:       true
        anonymous:    true
    secured_area://created for custom frontend user
        pattern: ^/
        anonymous: true
        form_login:
            provider:  database_users
            check_path: /security/login_check
            login_path: /security/login
            #csrf_provider: security.csrf.token_manager
            default_target_path: voters_list
            always_use_default_target_path: true

        logout:
            path: logout
            target: homepage
access_control:
    # The WDT has to be allowed to anonymous users to avoid requiring the login with the AJAX request
    - { path: ^/wdt/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/profiler/, role: IS_AUTHENTICATED_ANONYMOUSLY }

    # AsseticBundle paths used when using the controller for assets
    - { path: ^/js/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/css/, role: IS_AUTHENTICATED_ANONYMOUSLY }

    # URL of FOSUserBundle which need to be available to anonymous users
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY } # for the case of a failed login
    - { path: ^/user/new$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/user/check-confirmation-email$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/user/confirm/, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/user/confirmed$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/user/request-reset-password$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/user/send-resetting-email$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/user/check-resetting-email$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/user/reset-password/, role: IS_AUTHENTICATED_ANONYMOUSLY }

    # Admin login page needs to be accessed without credential
    - { path: ^/admin/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY }

    # Secured part of the site
    # This config requires being logged for the whole site and having the admin role for the admin part.
    # Change these rules to adapt them to your needs
    - { path: ^/admin/, role: ROLE_ADMIN }
    - { path: ^/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }


role_hierarchy:
    ROLE_ADMIN:       [ROLE_USER, ROLE_SONATA_ADMIN]
    ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    SONATA:
        #- ROLE_SONATA_PAGE_ADMIN_PAGE_EDIT  # if you are using acl then this line must be commented

acl:
    connection: default

我对由FOSUserBundle提供的奏鸣曲管理员没有问题,但是自定义前端用户抛出错误

  

在呈现模板期间抛出异常(“无法生成指定路由的URL”security / login_check“,因为此类路由不存在

在我的app / routing.yml中,我导入了为自定义前端用户创建的路由

Custom_security:
resource: "@MyBundleBundle/Resources/config/routing/security.yml"
prefix:  /security

在MyBundle路由中

login_check:
path:   /login_check
#defaults: { _controller: MyBundle:Security:loginCheck }

logout:
    path:  /logout

login_user:
    path:   /login
    defaults: { _controller: MyBundle:Security:login }

我很困惑为什么Symfony抛出异常错误,我在config / routing.yml中导入了MyBundle路由 我的登录表单看起来像这样

<form action="{{ path('security/login_check') }}" name="form" id="form" class="form-horizontal" enctype="multipart/form-data" method="POST">
    <div class="input-group">
         <span class="input-group-addon"><i class="fa fa-user"></i></span>
         <input type="text" id="username" name="_username" value="{{ last_username }}" class="form-control" placeholder="username" required autofocus/>                    
    </div>
    <div class="input-group">
          <span class="input-group-addon"><i class="fa fa-lock"></i></span>
           <input type="password" id="password" name="_password" class="form-control" placeholder="Password" required/>
    </div>                                                                  
    <div class="form-group">
       <!-- Button -->
    <div class="col-sm-12 controls">
        <button type="submit" href="#" class="btn btn-primary pull-right"><i class="fa fa-log-in"></i> Log in</button>
    </div>
  </form>     

更新

我将表单更改为

   <form action="{{ path('login_check') }}" name="form" id="form" class="form-horizontal" enctype="multipart/form-data" method="POST">
    <div class="input-group">
         <span class="input-group-addon"><i class="fa fa-user"></i></span>
         <input type="text" id="username" name="_username" value="{{ last_username }}" class="form-control" placeholder="username" required autofocus/>                    
    </div>
    <div class="input-group">
          <span class="input-group-addon"><i class="fa fa-lock"></i></span>
           <input type="password" id="password" name="_password" class="form-control" placeholder="Password" required/>
    </div>                                                                  
    <div class="form-group">
       <!-- Button -->
    <div class="col-sm-12 controls">
        <button type="submit" href="#" class="btn btn-primary pull-right"><i class="fa fa-log-in"></i> Log in</button>
    </div>
  </form>  

还有MyBundle中的路由

  login_check:
    path:   /login_check
    defaults: { _controller: MyBundle:Security:loginCheck }

  logout:
    path:  /logout

  login_user:
    path:   /login
    defaults: { _controller: MyBundle:Security:login }

并创建了一个在MyBundle内部进行测试的方法

  public function loginCheckAction()
  {
       throw new \Exception('This should never be reached!);
  }

错误

  

永远不应该达到这个目标!

尝试删除login_check的默认控制器

login_check:
path:   /login_check
#defaults: { _controller: DuterteBundle:Security:loginCheck } //removed

引发错误

  

无法找到路径“/ security / login_check”的控制器。路由配置错误。

1 个答案:

答案 0 :(得分:0)

变化

 {{ path('security/login_check') }} 

{{ path('login_check') }}

您的Yaml文件也不正确。改变它:

Custom_security:
    resource: "@MyBundleBundle/Resources/config/routing/security.yml"
    prefix:  /security

在MyBundle路由中

login_check:
    path:   /login_check
    defaults: { _controller: MyBundle:Security:loginCheck }

logout:
    path:  /logout

login_user:
    path:   /login
    defaults: { _controller: MyBundle:Security:login }