如何禁止 Symfony2 中授权用户的访问?
How to forbid access for authorised users in Symfony2?
我是 Symfony2 的初学者。现在我尝试使用 FOSUserBundle 完成编写授权。
我有一个问题,授权用户可以访问登录页面或注册页面。我可以在配置中更改它还是必须在控制器中检查它?
谢谢
PS 我的意思是 security.yml:
access_control:
- { path: /new, role: ROLE_USER }
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
您可以通过创建一个事件侦听器来解决它hook into the FOSUserBundle controllers. For registration you could use fos_user.registration.initialize event. In your listener you could check if user is already authenticated, if yes then redirect to whatever route you like (e.g. to homepage). See this answer查看示例。
对于登录路由 (/login),您可以覆盖默认的 FOSUserBundle SecurityController and check there if user is authenticated and do the redirect. See this example。
您可以尝试使用如下表达式:http://symfony.com/doc/current/cookbook/security/access_control.html#book-security-allow-if.
表达式可以是:
"is_anonymous() and and not is_remember_me() not is_fully_authenticated()"
我是 Symfony2 的初学者。现在我尝试使用 FOSUserBundle 完成编写授权。 我有一个问题,授权用户可以访问登录页面或注册页面。我可以在配置中更改它还是必须在控制器中检查它? 谢谢
PS 我的意思是 security.yml:
access_control:
- { path: /new, role: ROLE_USER }
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
您可以通过创建一个事件侦听器来解决它hook into the FOSUserBundle controllers. For registration you could use fos_user.registration.initialize event. In your listener you could check if user is already authenticated, if yes then redirect to whatever route you like (e.g. to homepage). See this answer查看示例。
对于登录路由 (/login),您可以覆盖默认的 FOSUserBundle SecurityController and check there if user is authenticated and do the redirect. See this example。
您可以尝试使用如下表达式:http://symfony.com/doc/current/cookbook/security/access_control.html#book-security-allow-if.
表达式可以是:
"is_anonymous() and and not is_remember_me() not is_fully_authenticated()"