composer.json
"require": {
.
.
.
"doctrine/dbal": "~2.5.4",
"doctrine/orm": "~2.5.4",
"silex/silex": "~2.0",
"symfony/security": "^3.1",
"symfony/security-csrf": "^3.1",
"twig/twig": "^1.24",
.
.
.
},
我正在使用Doctrine ORM,但无法在Silex中使用安全上下文:
MyNameSpace \ Model \ UserProvider (简化)
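/**
 * Security user provider that loads MyNameSpace\Model\User entities through
 * the Doctrine entity manager registered in the Silex container as 'em'.
 */
class UserProvider implements UserProviderInterface
{
    /** @var Application Silex container; only the 'em' service is read from it. */
    private $app;

    /**
     * @param Application $app Silex application exposing the 'em' service.
     */
    public function __construct(Application $app)
    {
        $this->app = $app;
    }

    /**
     * Looks a user up by its exact username.
     *
     * @param string $username Username submitted by the login form.
     *
     * @return UserInterface The matching user entity.
     *
     * @throws \Symfony\Component\Security\Core\Exception\UsernameNotFoundException
     *         When no row matches. The provider contract expects this exception
     *         rather than a null return, so that the authentication layer can
     *         turn a missing account into an ordinary "bad credentials" failure.
     */
    public function loadUserByUsername($username)
    {
        // findOneBy() binds the criteria as query parameters, so the submitted
        // username is never concatenated into SQL.
        $user = $this->app['em']
            ->getRepository('MyNameSpace\Model\User')
            ->findOneBy(array('username' => $username));

        if (null === $user) {
            throw new \Symfony\Component\Security\Core\Exception\UsernameNotFoundException(
                sprintf('Username "%s" does not exist.', $username)
            );
        }

        return $user;
    }

    /**
     * Reloads the user stored in the session from the database, so that role or
     * account-status changes made since login are picked up.
     *
     * @param UserInterface $user User object restored from the session.
     *
     * @return UserInterface Fresh copy loaded from the database.
     *
     * @throws \Symfony\Component\Security\Core\Exception\UnsupportedUserException
     *         When the session user is not of the class this provider handles.
     * @throws \Symfony\Component\Security\Core\Exception\UsernameNotFoundException
     *         When the account no longer exists.
     */
    public function refreshUser(UserInterface $user)
    {
        // Refuse objects this provider did not create instead of trusting the
        // username carried by an arbitrary session object.
        if (!$this->supportsClass(get_class($user))) {
            throw new \Symfony\Component\Security\Core\Exception\UnsupportedUserException(
                sprintf('Instances of "%s" are not supported.', get_class($user))
            );
        }

        return $this->loadUserByUsername($user->getUsername());
    }

    /**
     * @param string $class Fully qualified class name to test.
     *
     * @return bool True only for the exact User entity class.
     */
    public function supportsClass($class)
    {
        return $class === 'MyNameSpace\Model\User';
    }
}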
MyNameSpace \ Model \ User.php (简化)
use Symfony\Component\Security\Core\User\AdvancedUserInterface;
use Doctrine\ORM\Mapping as OR
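/**
 * User entity (simplified on this page): only the role handling and the
 * session serialization are shown.
 */
class User implements AdvancedUserInterface, \Serializable
{
    /**
     * Roles persisted for the user. ROLE_USER is not stored; getRoles() adds it.
     *
     * @ORM\Column(type="array")
     */
    protected $roles;

    /**
     * Returns the effective roles: the stored ones plus the implicit ROLE_USER.
     *
     * @return string[]
     */
    public function getRoles()
    {
        // A freshly constructed entity has no roles yet; treat that as empty.
        $roles = is_array($this->roles) ? $this->roles : array();
        $roles[] = 'ROLE_USER';

        return array_values(array_unique($roles));
    }

    /**
     * Merges the given roles into the stored ones and saves the result.
     *
     * The original version built the merged list in a local variable and never
     * assigned it, so the entity's roles were left unchanged.
     *
     * @param string[] $newRoles Roles to grant; case is normalised to upper case.
     *
     * @return string[] The roles now stored on the entity (without ROLE_USER).
     */
    public function setRoles(array $newRoles)
    {
        // Start from the stored list, not getRoles(), so the implicit ROLE_USER
        // is never written to the database.
        $roles = is_array($this->roles) ? $this->roles : array();
        foreach ($newRoles as $role) {
            $roles = $this->addRole($roles, $role);
        }
        $this->roles = $roles;

        return $this->roles;
    }

    /**
     * Returns $roles with $role appended when it is not already present.
     *
     * Every path returns the list: the original returned nothing for ROLE_USER
     * and for duplicates, which replaced the caller's role list with null.
     *
     * @param string[] $roles Current role list.
     * @param string   $role  Role to add.
     *
     * @return string[] Updated role list.
     */
    public function addRole($roles, $role)
    {
        $role = strtoupper($role);
        if ($role === 'ROLE_USER' || $this->hasRole($roles, $role)) {
            return $roles;
        }
        $roles[] = $role;

        return $roles;
    }

    /**
     * @param string[] $roles Role list to search.
     * @param string   $role  Role to look for (compared in upper case).
     *
     * @return bool
     */
    public function hasRole($roles, $role)
    {
        return in_array(strtoupper($role), $roles, true);
    }

    /**
     * Serializes the fields kept in the session between requests.
     *
     * NOTE(review): the password hash and the role list end up in session
     * storage, so that storage must be treated as sensitive. The roles restored
     * from it should not be trusted for authorization without reloading the
     * user from the database.
     *
     * @return string
     */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->username,
            $this->password,
            $this->email,
            $this->roles,
            $this->enabled,
            $this->accountNonLocked,
            $this->accountNonExpired,
            $this->credentialsNonExpired
        ));
    }

    /**
     * Restores the fields written by serialize().
     *
     * NOTE(review): unserialize() is applied to whatever the session storage
     * returns. Only scalars and arrays are expected here, so on PHP 7+ pass
     * array('allowed_classes' => false) as the second argument to rule out
     * object instantiation if the session data is ever tampered with.
     *
     * @param string $serialized Payload produced by serialize().
     */
    public function unserialize($serialized)
    {
        list(
            $this->id,
            $this->username,
            $this->password,
            $this->email,
            $this->roles,
            $this->enabled,
            $this->accountNonLocked,
            $this->accountNonExpired,
            $this->credentialsNonExpired
        ) = unserialize($serialized);
    }
}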
MySQL数据库中用户表中的角色字段:
(ROLE_USER
总是通过MyNameSpace\Model\User:getRoles
方法添加)
a:1:{i:0;s:11:"ROLE_CLIENT";}
SecurityServiceProvider:
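// Security wiring for the application.
//
// Firewall scope: only URLs matching ^/users/.*$ pass through the security
// listeners. A route outside that pattern (for example "/") is not behind any
// firewall, so $app['security.token_storage']->getToken() returns null there
// even after a successful login. To read the logged-in user on such routes the
// firewall pattern has to cover them (with anonymous access enabled) and the
// restriction moved to the access rules.
$app->register(new Provider\SecurityServiceProvider(), array(
    'security.firewalls' => array(
        'users' => array(
            'pattern' => '^/users/.*$',
            'anonymous' => false,
            'form' => array(
                // The login form lives outside the firewall pattern, so it is
                // reachable without a session; the check path must stay inside.
                'login_path' => '/login',
                'check_path' => '/users/login_check',
            ),
            'logout' => array(
                'logout_path' => '/users/logout',
                'invalidate_session' => true,
            ),
            'users' => function () use ($app) {
                return new UserProvider($app);
            },
        ),
    ),
    'security.role_hierarchy' => array(
        'ROLE_USER' => array(),
        'ROLE_CLIENT' => array('ROLE_USER'),
    ),
    // Access rules are evaluated in order and the first matching pattern wins.
    // The protected area therefore comes first: with the catch-all '^/.+$' at
    // the top, the ROLE_USER requirement on /users/ was never reached.
    // Public paths use IS_AUTHENTICATED_ANONYMOUSLY rather than an empty role
    // string, which no voter recognises.
    'security.access_rules' => array(
        array('^/users/.*$', 'ROLE_USER'),
        array('^/login', 'IS_AUTHENTICATED_ANONYMOUSLY'),
        array('^/register', 'IS_AUTHENTICATED_ANONYMOUSLY'),
        array('^/.+$', 'IS_AUTHENTICATED_ANONYMOUSLY'),
    ),
));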
用户似乎能够通过身份验证,因为如果我提交了错误的凭据,它会提示我:
凭据错误。
但凭借正确的凭据,token
为空:
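// Home page: renders the personalised template for a logged-in user and the
// generic one otherwise.
$app->get("/", function () use ($app) {
    // The token is null when the request is not behind a firewall. As declared
    // on this page the firewall only matches ^/users/.*$, so "/" never sees it.
    $token = $app['security.token_storage']->getToken();
    $user = null !== $token ? $token->getUser() : null;

    // getUser() is not guaranteed to return a user object: an anonymous token
    // carries a plain string, and calling getUsername() on it would be fatal.
    if ($user instanceof \Symfony\Component\Security\Core\User\UserInterface) {
        return $app['twig']->render('page.html.twig', array(
            'user' => $user->getUsername(),
        ));
    }

    return $app['twig']->render('base.html.twig');
});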
结果始终为base.html.twig
。
Silex文档不使用Doctrine ORM,并将Roles存储为数据库中的逗号分隔字符串,如:
ROLE_CLIENT,ROLE_ADMIN
我使用序列化数组存储它:
a:2:{i:0;s:11:"ROLE_CLIENT";i:1;s:10;"ROLE_ADMIN";}
我不知道这是不是原因。此外,我也尝试过将角色存储为数组,但没有成功。