symfony 3.4 FosUser登录添加验证码
Add Captcha in Login of FosUser in symfony 3.4
我有一个功能性的 FosUser 登录。
现在,我正在尝试将任何 captcha 添加到 FosUser 生成的登录名中,我正在使用 Symfony 3.4.4
我研究了一些链接,例如:
ReCaptcha with this tutorial,但我不知道如何覆盖检查登录以添加验证。
EWZRecaptchaBundle 我没有找到任何带有 FOsUser
- BotDetect or CaptchaBundle 似乎需要大量内存来生成验证码。那不是我的选择,因为我的产品环境是共享主机
欢迎任何帮助或建议
问候
最后,我使用 post 中的 option 1 解决了我的问题,并将扩展更改为 /src/UserBundle/Controller/SecurityController.php 并更改 LoginAction
<?php
public function loginAction(Request $request){
$error = Security::AUTHENTICATION_ERROR;
$lastUsername = '';
$isValid=false;
$hasCaptcha=false;
if ($_POST) {
$lastUsername = $_POST['_username'];
$password_plain = $_POST['_password'];
$em = $this->getDoctrine()->getManager();
$userManager = $this->get('fos_user.user_manager');
$user =$userManager ->findUserByUsernameOrEmail($lastUsername);
if ($this->captchaverify($request->get('g-recaptcha-response'))) {
$hasCaptcha=true;
} else {
$error="Captcha is not Valid";
}
if($hasCaptcha){
if($user){
$factory = $this->container->get('security.encoder_factory');
$encoder = $factory->getEncoder($user);
if($encoder->isPasswordValid($user->getPassword(),$password_plain,$user->getSalt())){
$token = new UsernamePasswordToken($user, null, 'main', $user->getRoles());
$this->get('security.token_storage')->setToken($token);
return $this->redirectToRoute('homepage');
} else {
$error="password is not Valid";
}
}else{
$error="user is not Valid";
}
}
}
return $this->renderLogin(array(
'last_username' => $lastUsername,
'error' => $error,
));
}
function captchaverify($recaptcha){
$url = "https://www.google.com/recaptcha/api/siteverify";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
"secret"=>"xxxxxxxx","response"=>$recaptcha));
$response = curl_exec($ch);
curl_close($ch);
$data = json_decode($response);
return $data->success;
}
- 还需要将 'login_path' 和 'check_path' 处的
security.yml 更改为值 'new_login',这是登录操作 的新路径
firewalls:
dev:
pattern: ^/(_(profiler|wdt|error)|css|images|js)/
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
default_target_path: homepage
csrf_token_generator: security.csrf.token_manager
login_path: new_login
check_path: new_login
- 在我看来我补充说:
<script src='https://www.google.com/recaptcha/api.js?hl=es'></script>
- 表格内:
<div class="g-recaptcha" data-sitekey="xxxxxx"></div>
希望能帮到有同样困境的朋友
我有一个功能性的 FosUser 登录。
现在,我正在尝试将任何 captcha 添加到 FosUser 生成的登录名中,我正在使用 Symfony 3.4.4
我研究了一些链接,例如:
ReCaptcha with this tutorial,但我不知道如何覆盖检查登录以添加验证。
EWZRecaptchaBundle 我没有找到任何带有 FOsUser
的样本
- BotDetect or CaptchaBundle 似乎需要大量内存来生成验证码。那不是我的选择,因为我的产品环境是共享主机
欢迎任何帮助或建议
问候
最后,我使用 post 中的 option 1 解决了我的问题,并将扩展更改为 /src/UserBundle/Controller/SecurityController.php 并更改 LoginAction
<?php
public function loginAction(Request $request){
$error = Security::AUTHENTICATION_ERROR;
$lastUsername = '';
$isValid=false;
$hasCaptcha=false;
if ($_POST) {
$lastUsername = $_POST['_username'];
$password_plain = $_POST['_password'];
$em = $this->getDoctrine()->getManager();
$userManager = $this->get('fos_user.user_manager');
$user =$userManager ->findUserByUsernameOrEmail($lastUsername);
if ($this->captchaverify($request->get('g-recaptcha-response'))) {
$hasCaptcha=true;
} else {
$error="Captcha is not Valid";
}
if($hasCaptcha){
if($user){
$factory = $this->container->get('security.encoder_factory');
$encoder = $factory->getEncoder($user);
if($encoder->isPasswordValid($user->getPassword(),$password_plain,$user->getSalt())){
$token = new UsernamePasswordToken($user, null, 'main', $user->getRoles());
$this->get('security.token_storage')->setToken($token);
return $this->redirectToRoute('homepage');
} else {
$error="password is not Valid";
}
}else{
$error="user is not Valid";
}
}
}
return $this->renderLogin(array(
'last_username' => $lastUsername,
'error' => $error,
));
}
function captchaverify($recaptcha){
$url = "https://www.google.com/recaptcha/api/siteverify";
$ch = curl_init();
curl_setopt($ch, CURLOPT_URL, $url);
curl_setopt($ch, CURLOPT_HEADER, 0);
curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE);
curl_setopt($ch, CURLOPT_POST, true);
curl_setopt($ch, CURLOPT_POSTFIELDS, array(
"secret"=>"xxxxxxxx","response"=>$recaptcha));
$response = curl_exec($ch);
curl_close($ch);
$data = json_decode($response);
return $data->success;
}
- 还需要将 'login_path' 和 'check_path' 处的
security.yml更改为值 'new_login',这是登录操作 的新路径
firewalls:
dev:
pattern: ^/(_(profiler|wdt|error)|css|images|js)/
security: false
main:
pattern: ^/
form_login:
provider: fos_userbundle
default_target_path: homepage
csrf_token_generator: security.csrf.token_manager
login_path: new_login
check_path: new_login
- 在我看来我补充说:
<script src='https://www.google.com/recaptcha/api.js?hl=es'></script>
- 表格内:
<div class="g-recaptcha" data-sitekey="xxxxxx"></div>
希望能帮到有同样困境的朋友