下面是我的security.yml文件,其中有2种方法可以完美地用作非安全方法。但是api_slots不能用作不安全的方法。我不知道如何像security.yml一样在getSlotsAction中定义方法对象名,而我却像api_slots那样创建它的对象,因为对于unsecureListAction方法{{1} }并根据需要完美地工作。
api_doctors-list这是我上面3个不安全方法对象的方法名称:
对于api_doctors_list
security:
encoders:
AppBundle\Entity\BaseUser:
algorithm: bcrypt
cost: 12
role_hierarchy:
ROLE_USER: ROLE_USER
ROLE_ADMIN: [ROLE_USER, ROLE_ALLOWED_TO_SWITCH]
providers:
admin:
entity:
class: AppBundle:AdminUser
property: email
api:
entity:
class: AppBundle:BaseUser
property: authToken
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
api_slots:
pattern: ^/api/slots$
methods: [GET]
security: false
anonymous: true
api_new_register:
pattern: ^/api/users$
methods: [POST]
security: false
anonymous: true
api_doctors_list:
pattern: ^/api/doctors$
methods: [GET]
security: false
anonymous: true
api_area:
pattern: ^/api
provider: api
user_checker: psyma.security.app_user.checker
guard:
authenticator: psyma.security.token_authenticator
stateless: true
anonymous: false
logout:
path: admin_logout
main:
pattern: ^/
anonymous: ~
access_control:
- { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: "%requires_channel%" }
- { path: ^/admin, roles: ROLE_ADMIN, requires_channel: "%requires_channel%" }
- { path: ^/api, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: "%requires_channel%" }
- { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: "%requires_channel%" }
对于api_new_register
/**
* @Route("")
* @Method("GET")
*/
public function unsecureListAction()
和api_slots
/**
* @param Request $request
*
* @return JsonResponse
* @Route("/users")
* @Method("POST")
*/
public function patientRegistrationAction(Request $request)