Question

我对Silex框架很陌生，我想知道如何进行简单的登录（使用SecurityServiceProvider）ajax请求。一切都在我的代码中运行良好（见下文），但如何更改返回的html页面为布尔值给出真或假的登录是否有效。

app.php

use Symfony\Component\Debug\ErrorHandler;
use Symfony\Component\Debug\ExceptionHandler;

// Register global error and exception handlers
ErrorHandler::register();
ExceptionHandler::register();

// Register service providers
$app->register(new Silex\Provider\DoctrineServiceProvider());
$app->register(new Silex\Provider\TwigServiceProvider(), array(
    'twig.path' => __DIR__ . '/../views',
));
$app->register(new Silex\Provider\UrlGeneratorServiceProvider());
$app->register(new Silex\Provider\SessionServiceProvider());
$app->register(new Silex\Provider\SecurityServiceProvider(), array(
    'security.firewalls' => array(
        'secured' => array(
            'pattern' => '^/',
            'anonymous' => true,
            'logout' => array('logout_path' => '/admin/logout', 'invalidate_session' => true),
            'form' => array('login_path' => 'login', 'check_path' => '/login_check'),
            'users' => $app->share(function () use ($app) {
                return new ski\DAO\MemberDAO($app['db']);
            }),
        ),
    ),
));

// register services
$app['dao.member'] = $app->share(function ($app) {
    return new ski\DAO\MemberDAO($app['db']);
});

routes.php文件

use Symfony\Component\HttpFoundation\Request;

// Home page
$app->get('/', function () use ($app) {
    return $app['twig']->render('index.html.twig');
})->bind('home');

// TODO : never called
$app->post('/ajax/login/', function (Request $request) use ($app) {
    // HERE : how to return if the login was performed well ?
    return $app['security.last_error']($request);
})->bind('ajax_login');

$app->get('/login/', function (Request $request) use ($app) {
    return $app['twig']->render('login.html.twig', array(
        'error' => $app['security.last_error']($request),
        'last_username' => $app['session']->get('_security.last_username'),
    ));
})->bind('login');

$app->get('/includes/header/', function () use ($app) {
    return $app['twig']->render('header.html.twig');
})->bind('header');

和login.js

// Connexion
$(document).on('click', '#connexion_submit_button', function () {
    // Connexion Ajax
    var username = $('#connexion_pseudo').val();
    var password = $('#connexion_password').val();

    $.ajax({
        type: 'POST',
        url: '/ski/web/login_check',
        data: '_username=' + username + '&_password=' + password,
        beforeSend: function () {
            $('#connexion_submit_button').html('Patientez...');
        },
        success: function (data) {

            // TODO : generate custom animations if user is logged or not
            console.log(data);
            $('#connexion_submit_button').html('Connexion'); 
        }
    });
    return false;
});

任何建议都将不胜感激！

顺便说一句，在这样的框架中做ajax有什么好的方式吗？

Answer 1

Silex使用了Symfony的安全组件和SecurityServiceProvider sets $app['dispatcher'] as event dispatcher to AuthenticationProviderManager。我想这意味着它会触发Security Component documentation中列出的事件。

有趣的一个应该是security.interactive_login和security.authentication.failure。两者都可以触发一个事件，您可以完全访问Request对象，您可以使用EventSubscriberInterface修改匹配的控制器或通过订阅事件来执行任何操作。

Answer 2

身份验证成功和失败处理程序创建和管理响应。因此，如果要进行自定义响应，则需要自定义身份验证成功和失败处理程序。

添加处理程序

MyAuthenticationFailureHandler

use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationFailureHandler as BaseDefaultAuthenticationFailureHandler;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Security\Core\Exception\AuthenticationException;

class MyAuthenticationFailureHandler extends BaseDefaultAuthenticationFailureHandler
{
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        if ($request->isXmlHttpRequest()) return new JsonResponse(['login' => false]);
        return parent::onAuthenticationFailure($request, $exception);
    }
}

MyAuthenticationSuccessHandler

use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler as BaseDefaultAuthenticationSuccessHandler;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;

class MyAuthenticationSuccessHandler extends BaseDefaultAuthenticationSuccessHandler
{
    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
    {
        if ($request->isXmlHttpRequest()) return new JsonResponse(['login' => true]);
        return parent::onAuthenticationSuccess($request, $token);
    }
}

并在安全服务提供商

中注册

$app['security.authentication.success_handler.secured'] = $app->share(function () use ($app) {
    $handler = new MyAuthenticationSuccessHandler(
        $app['security.http_utils'],
        $app['security.firewalls']['secured']['form'] //$options,
    );
    $handler->setProviderKey('secured');

    return $handler;
});

$app['security.authentication.failure_handler.secured'] = $app->share(function () use ($app) {
    return new MyAuthenticationFailureHandler(
        $app,
        $app['security.http_utils'],
        $app['security.firewalls']['secured']['form'],
        $app['logger']
    );
});

在Silex Framework中使用ajax

2 个答案: