每当权限不足的用户尝试访问某个网页时,我会通过在access_denied_url
/login到security.yml字段将其重定向到登录页面
我的security.yml
security:
encoders:
FOS\UserBundle\Model\UserInterface: bcrypt
access_denied_url: /login
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
secured_area:
pattern: ^/
form_login:
login_path: /login
check_path: /login_check
default_target_path: /
logout:
path: /logout
target: /
anonymous: ~
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: security.csrf.token_manager # Use form.csrf_provider instead for Symfony <2.4
logout: true
anonymous: true
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/tc, role: ROLE_TC }
- { path: ^/operations, role: ROLE_OPERATIONS }
在我的twig模板中,我想获取用户尝试访问的页面,以便我该怎么做?
我试图获取目标路径和引用路径如下,但它们都是空的
app.session.get('_security.secured_area.target_path')
app.request.headers.get('referer')
答案 0 :(得分:1)
您必须使用use_referer。
这是我的security.yml文件:
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: security.csrf.token_manager
use_referer: true
logout: true
anonymous: true