如何设置对symfony的访问

How to set access to symfony

我正在使用 symfony 4 和 fosuserbundle。

我有一个动态 url 可以设置语言快捷方式。例如。com/en

这将是用户登录时的默认设置 url。但是当他们未登录时,他们将重定向到示例。com/en/login

在route.yaml中我有以下路线

controllers:
    resource: '../src/Controller/'
    type: annotation
    prefix: /{_locale}
    requirements:
        _locale: '%app_locales%'
    defaults:
        _locale: '%locale%'

home:
    path: /
    controller: App\Controller\DefaultController::index

fos_user_security:
    prefix: /{_locale}
    resource: "@FOSUserBundle/Resources/config/routing/security.xml"

fos_user_registration:
    prefix: /{_locale}/register
    resource: "@FOSUserBundle/Resources/config/routing/registration.xml"

fos_user_resetting:
    prefix: /{_locale}/resetting
    resource: "@FOSUserBundle/Resources/config/routing/resetting.xml"

fos_user_profile:
    prefix: /{_locale}/profile
    resource: "@FOSUserBundle/Resources/config/routing/profile.xml"

并在 security.yaml

security:
    encoders:
        App\Entity\User: plaintext

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER

    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        secured_area:
            # this firewall applies to all URLs
            pattern: ^/

            # but the firewall does not require login on every page
            # denying access is done in access_control or in your controllers
            anonymous: ~

            # This allows the user to login by submitting a username and password
            # Reference: http://symfony.com/doc/current/cookbook/security/form_login_setup.html
            form_login:
                # fos user bundle handles the form login
                #provider: fos_userbundle
                # The route name that the login form submits to
                check_path: fos_user_security_check
                # The name of the route where the login form lives
                # When the user tries to access a protected page, they are redirected here
                login_path: fos_user_security_login
                # Secure the login form against CSRF
                # Reference: http://symfony.com/doc/current/cookbook/security/csrf_in_login_form.html
                csrf_token_generator: security.csrf.token_manager

            logout:
                # The route name the user can go to in order to logout
                path: fos_user_security_logout
                # The name of the route to redirect to after logging out
                target: homepage

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }
        # - { path: ^/admin, roles: ROLE_ADMIN }
        # - { path: ^/profile, roles: ROLE_USER }

但是,当我现在尝试打开该网站时,总是出现权限被拒绝的错误。

当我将第二条路径中的角色从 "ROLE_USER" 更改为 IS_AUTHENTICATED_ANONYMOUSLY 时,页面将打开,同时将 link 更改为 "Login" 登录页面将打开正确,我可以登录,但该页面应该是 "Login"-Only 页面。

我认为我必须在 access_control 的路径中写一些东西,但我不明白我必须在那里写什么。

当我设置 access_denid_url 时,它也不起作用。

感谢您的帮助。

更新:

这里我尝试以下设置:

access_denied_url:
    /[a-z]{2}/login
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
    - { path: ^/[a-z]{2}/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/, roles: ROLE_USER }
    # - { path: ^/admin, roles: ROLE_ADMIN }
    # - { path: ^/profile, roles: ROLE_USER }

The file "config/packages/security.yaml" does not contain valid YAML: Unexpected characters near "/login$

我相信你的正则表达式 - { path: ^/[a-z]{2}/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }

应该在引号中(单引号或双引号)也是如此:

- { path: '^/[a-z]{2}/login$', role: IS_AUTHENTICATED_ANONYMOUSLY }