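Symfony FOSUserBundle redirect after login

Time: 2017-04-17 01:10:42

Tags: symfony security login fosuserbundle symfony2-easyadmin

I have a login form. What I want to do is this: if a user with the role USER tries to log in, he is redirected to the page voiture_new, and if he has the role ADMIN, he is redirected to the admin page. PS: I am using EasyAdminBundle.

This is what I added to the loginAction of my controller: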

$authChecker = $this->container->get('security.authorization_checker');
$router = $this->container->get('router');

if ($authChecker->isGranted('ROLE_ADMIN')) {
    return new RedirectResponse($router->generate('admin'), 307);
} 

if ($authChecker->isGranted('ROLE_USER')) {
    return new RedirectResponse($router->generate('voiture_new'), 307);
}

This is my security.yml:

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_token_generator: security.csrf.token_manager
                always_use_default_target_path: false
                default_target_path:  /voiture/new
                check_path: fos_user_security_check

                # if you are using Symfony < 2.8, use the following config instead:
                # csrf_provider: form.csrf_provider

            logout:       true
            anonymous:    true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }
        - { path: ^/marque/, role: ROLE_ADMIN }
        - { path: ^/modele/, role: ROLE_ADMIN }
        - { path: ^/user/, role: ROLE_ADMIN }
        - { path: ^/voiture/, role: ROLE_USER }
        - { path: ^/profile/, role: ROLE_USER }
        - { path: ^/interventions/, role: ROLE_USER }

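But even when the user has the admin role, I am always sent to voiture_new?

1 Answer:

Answer 0: (score: 0)

What you need to do is create an Authenticator class and then tell Symfony to use it when it attempts to authenticate. In this class there is a method onAuthenticationSuccess, which you can then use to perform all your redirects.

For example, inside security.yml under the firewall, in this case called main, tell it that you want to use guard, and then mention the service, which in this example is called app.form_login_authenticator:
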
main:
    pattern: ^/
    http_basic: ~
    anonymous: ~
    logout:
        path: logout
    guard:
        authenticators:
            - app.form_login_authenticator
        # by default, use the start() function from FormLoginAuthenticator
        entry_point: app.form_login_authenticator

Inside services.yml, make sure this service is listed:

app.form_login_authenticator:
    class: AppBundle\Security\FormLoginAuthenticator
    arguments: ["@service_container"]

Then here is the class example:

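namespace AppBundle\Security;

use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Guard\Authenticator\AbstractFormLoginAuthenticator;

class FormLoginAuthenticator extends AbstractFormLoginAuthenticator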
{
    private $container;

    public function __construct(ContainerInterface $container)
    {
        $this->container = $container;
    }

    public function getCredentials(Request $request)
    {
        if ($request->getPathInfo() != '/login_check') {
            return;
        }

        $username = $request->request->get('_username');
        $request->getSession()->set(Security::LAST_USERNAME, $username);
        $password = $request->request->get('_password');

        return array(
            'username' => $username,
            'password' => $password
        );
    }

    public function getUser($credentials, UserProviderInterface $userProvider)
    {
        $username = $credentials['username'];    
        $userRepo = $this->container
            ->get('doctrine')
            ->getManager()
            ->getRepository('AppBundle:User');

        return $userRepo->findOneByUsername($username);
    }

    public function checkCredentials($credentials, UserInterface $user)
    {
        $plainPassword = $credentials['password'];
        $encoder = $this->container->get('security.password_encoder');
        if (!$encoder->isPasswordValid($user, $plainPassword)) {
            return false;
        }

        return true;
    }

    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        // AJAX! Maybe return some JSON
        if ($request->isXmlHttpRequest()) {
            return new JsonResponse(
            // you could translate the message
                array('message' => $exception->getMessageKey()),
                403
            );
        }

        // for non-AJAX requests, return the normal redirect
        return parent::onAuthenticationFailure($request, $exception);
    }

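    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
    {
        // Perform your redirects here, for example.
        // Check the most privileged role first: when the role hierarchy makes
        // ROLE_ADMIN include ROLE_USER, an admin also passes the ROLE_USER check.
        $authChecker = $this->container->get('security.authorization_checker');
        $router = $this->container->get('router');

        if ($authChecker->isGranted('ROLE_ADMIN')) {
            // The method must return a Response, not a URL string
            return new RedirectResponse($router->generate('admin_dashboard'));
        }

        if ($authChecker->isGranted('ROLE_USER')) {
            return new RedirectResponse($router->generate('user_dashboard'));
        }

        // Neither role matched: send the user back to the login page
        return new RedirectResponse($this->getLoginUrl());
    }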

    protected function getLoginUrl()
    {
        return $this->container->get('router')
            ->generate('login');
    }

}

Hope this puts you on the right path to achieving what you want.
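
An alternative to the guard authenticator above, added here as an example and not part of the original answer: keep FOSUserBundle's form_login, so the bundle still verifies the credentials, and replace only the redirect decision through the firewall's success_handler option. The class name and service id are hypothetical; the route names admin and voiture_new come from the question.

```php
<?php
// Added example (not the answerer's code). Assumed wiring, hypothetical service id:
//   services.yml:  app.role_redirect_handler:
//                      class: AppBundle\Security\RoleRedirectSuccessHandler
//                      arguments: ["@router", "@security.authorization_checker"]
//   security.yml:  firewalls: main: form_login:
//                      success_handler: app.role_redirect_handler
namespace AppBundle\Security;

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;

class RoleRedirectSuccessHandler implements AuthenticationSuccessHandlerInterface
{
    // Ordered from most to least privileged. role_hierarchy makes ROLE_ADMIN
    // imply ROLE_USER, so testing ROLE_USER first would match admins too.
    private static $routeByRole = array(
        'ROLE_ADMIN' => 'admin',        // route names taken from the question
        'ROLE_USER'  => 'voiture_new',
    );

    private $router;
    private $authChecker;

    public function __construct(RouterInterface $router, AuthorizationCheckerInterface $authChecker)
    {
        $this->router = $router;
        $this->authChecker = $authChecker;
    }

    // Called by the form_login listener after the token has been stored,
    // so isGranted() evaluates the user who just logged in.
    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
    {
        foreach (self::$routeByRole as $role => $route) {
            if ($this->authChecker->isGranted($role)) {
                // Default 302: the browser follows with GET. A 307 would make it
                // repeat the login POST, credentials included, at the target URL.
                return new RedirectResponse($this->router->generate($route));
            }
        }
        // No known role: send the user back to FOSUserBundle's login route.
        return new RedirectResponse($this->router->generate('fos_user_security_login'));
    }
}
```

With a custom success_handler in place, the handler decides the redirect, so default_target_path and always_use_default_target_path from the question's configuration no longer pick the destination.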