如何在security.yml中使用两个登录表单?我不知道是否可以使用提供程序:带有两个登录表单的in_memory和fosuserbundle。
安全性: 编码器: FOS \ UserBundle \ Model \ UserInterface:bcrypt Symfony \ Component \ Security \ Core \ User \ User: 算法:bcrypt 费用:12
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
providers:
in_memory:
memory:
users:
'admin@turizmehli.com':
password: '$2y$12$GbKR8LI7tOP4zZ0Mt.sui.4r2ZNtrk1H/1z0kX0yHxWoxXOL6EZj.'
roles: 'ROLE_ADMIN'
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
main:
pattern: ^/
form_login:
provider: fos_userbundle
csrf_token_generator: security.csrf.token_manager
# if you are using Symfony < 2.8, use the following config instead:
# csrf_provider: form.csrf_provider
logout: true
anonymous: true
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
admin:
host: '%DOMAIN_ADMIN%'
form_login:
provider: in_memory
login_path: admin_login
check_path: admin_login
always_use_default_target_path: true
default_target_path: admin_home
csrf_token_generator: security.csrf.token_manager
csrf_parameter: _token
logout:
path: admin_logout
anonymous: ~
api:
host: '%DOMAIN_API%'
pattern: ^/.+
stateless: true
anonymous: true
access_control:
# Admin access rules
- { path: ^/login, host: '%DOMAIN_ADMIN%', roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, host: '%DOMAIN_ADMIN%', roles: ROLE_USER }
# Default all request denied if not whitelisted
- { path: ^/, role: NO_ACCESS }
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/post, role: IS_AUTHENTICATED_ANONYMOUSLY }
答案 0 :(得分:0)
只需检查documentation,了解如何使用多个提供商。在防火墙中,可以为每个提供程序创建一个防火墙。首先,配置您的提供商或提供商组(chain_providers)
# config/packages/security.yaml
security:
providers:
chain_provider:
chain:
providers: [in_memory, user_db]
in_memory:
memory:
users:
foo: { password: test }
user_db:
entity: { class: App\Entity\User, property: username }
然后您的防火墙,您可以按照文档中的说明为提供程序添加单独的配置
您还可以配置防火墙或个人身份验证 使用特定提供程序的机制:
# config/packages/security.yaml
security:
firewalls:
secured_area:
# ...
pattern: ^/
provider: user_db
http_basic:
realm: 'Secured Demo Area'
provider: in_memory
form_login: ~
只需检查一下,让我们知道它是否有效!