return a custom status code in User Checker

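I am using Symfony 4.4. I am using JWT authentication, and I am now creating a custom user checker: when the user checker detects that a user cannot connect, I want to return a custom response code and a custom message.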

security.yaml:

    client_login:
        pattern:  ^/api/login
        provider: client_entity
        stateless: true
        anonymous: true
        json_login:
            check_path: api_login
            username_path: email
            success_handler:          lexik_jwt_authentication.handler.authentication_success
            failure_handler:          lexik_jwt_authentication.handler.authentication_failure
        user_checker: App\Security\UserChecker
    refresh:
        pattern:  ^/api/token/refresh
        stateless: true
        anonymous: true
    api:
        pattern:   ^/api
        stateless: true
        anonymous: true
        guard:
            authenticators:
                - App\Security\TokenAuthenticator
            provider: chain_providers #this provider will be ignored when getting the User
        user_checker: App\Security\UserChecker

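User checker:

    <?php

    namespace App\Security;

    use Symfony\Component\Security\Core\Exception\AuthenticationException;
    use Symfony\Component\Security\Core\User\UserCheckerInterface;
    use Symfony\Component\Security\Core\User\UserInterface;
    // Client is the application's own user entity; its import is not shown in the post.

    class UserChecker implements UserCheckerInterface
    {
        public function checkPreAuth(UserInterface $user)
        {
            // No checks before the credentials are verified.
            return;
        }

        public function checkPostAuth(UserInterface $user)
        {
            // Only Client accounts are subject to the active check.
            if (!$user instanceof Client) {
                return;
            }

            // Reject authenticated clients whose account is not active.
            if (!$user->isActive()) {
                throw new AuthenticationException('userNotActive');
            }
        }
    }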

With this user checker, the response when the client is not active:

    {
        "code": 401,
        "message": "An authentication exception occurred."
    }

I just want to customize the code and the message.

If you only want to update the response, you should create a listener to handle the failed authentication:

    <?php

    namespace App\EventListener;

    use Lexik\Bundle\JWTAuthenticationBundle\Event\AuthenticationFailureEvent;

    /**
     * Authentication Failure Listener.
     *
     * This listener adds data to the payload.
     */
    class AuthenticationFailureListener
    {
        /**
         * When this event is dispatched, the response can be updated.
         *
         * @param AuthenticationFailureEvent $event the authentication failure event
         */
        public function onAuthenticationFailureResponse(AuthenticationFailureEvent $event): void
        {
            $response = $event->getResponse();

            //TODO : edit your response here
            //dd($response);

            $event->setResponse($response);
        }
    }

Declare the service in the services.yaml file:

    App\EventListener\AuthenticationFailureListener:
        tags:
            - { name: kernel.event_listener, event: lexik_jwt_authentication.on_authentication_failure, method: onAuthenticationFailureResponse }
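One way to fill in the listener's TODO, as an added example that is not part of the original answer: it maps the `userNotActive` message thrown by the question's user checker to a custom status and message through an allow-list. The 403 status, the client-facing wording and the `KNOWN_REASONS` constant are assumptions chosen for illustration.

```php
<?php

namespace App\EventListener;

use Lexik\Bundle\JWTAuthenticationBundle\Event\AuthenticationFailureEvent;
use Symfony\Component\HttpFoundation\JsonResponse;
use Symfony\Component\HttpFoundation\Response;

class AuthenticationFailureListener
{
    /**
     * Allow-list: internal reason (the exception message thrown by the user
     * checker) => [HTTP status, message shown to the client].
     * The 403 status and the wording are assumptions made for this example.
     */
    private const KNOWN_REASONS = [
        'userNotActive' => [Response::HTTP_FORBIDDEN, 'This account is not active.'],
    ];

    public function onAuthenticationFailureResponse(AuthenticationFailureEvent $event): void
    {
        $exception = $event->getException();
        $reason = $exception !== null ? $exception->getMessage() : '';

        // Anything not on the allow-list keeps the bundle's default 401
        // response, so internal exception text never reaches the client.
        if (!isset(self::KNOWN_REASONS[$reason])) {
            return;
        }

        [$status, $message] = self::KNOWN_REASONS[$reason];

        // Same JSON shape as the default failure response: {"code", "message"}.
        $event->setResponse(new JsonResponse(
            ['code' => $status, 'message' => $message],
            $status
        ));
    }
}
```

Because the active check sits in `checkPostAuth`, which runs after the credentials have been verified, the distinct message is only returned to a caller who already presented valid credentials. The listener only affects firewalls whose failures go through `lexik_jwt_authentication.handler.authentication_failure`, such as `client_login` above.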