说我的路线 / booking /(.*)受 security.yml 中的防火墙配置保护,并且需要“ ROLE_USER ” ,当用户尝试访问前面带有“ / booking / ”的任何路由时,该应用会将用户重定向到登录页面进行身份验证。
所以我的问题是,在用户提供他的凭据并获得身份验证之后,Symfony 2如何能够将用户重定向回用户请求的页面/路由,或者Symfony 2在哪里存储路由是将它存储在某个会话中还是其他地方。
我们可以访问它吗?
答案 0 :(得分:27)
这是可能的,您可以在会话中访问引用链接(在use_referer
设置为true
时使用)。
例如,如果您的success_handler
(在防火墙配置中)有form_login
服务,则会根据某些条件(通常是角色)重定向用户,但您希望将用户重定向到引荐来源链接如果已设置,您可以像这样访问引荐来源链接:
$key = '_security.main.target_path'; #where "main" is your firewall name
//check if the referrer session key has been set
if ($this->container->get('session')->has($key)) {
//set the url based on the link they were trying to access before being authenticated
$url = $this->container->get('session')->get($key);
//remove the session key
$this->container->get('session')->remove($key);
}
//if the referrer key was never set, redirect to a default route
else{
$url = $this->router->generate('member_home');
}
return new RedirectResponse($url);
使用标头获取引荐来源(即$request->headers->get('referer')
)在这种情况下不起作用,因为它将始终返回登录链接。
感谢Roman Marintsenko& Ryan Weaver为此blog
答案 1 :(得分:11)
Carrie Kendall的解决方案有效,谢谢!
以下是Symfony中的完整实现:
services.yml:
login_handler:
class: Project\BaseBundle\Service\loginHandler
arguments: ['@router', '@doctrine.orm.entity_manager', '@service_container']
并在Project \ BaseBundle \ Service \ loginHandler:
中namespace Project\BaseBundle\Service;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
use Symfony\Component\Routing\RouterInterface;
use Doctrine\ORM\EntityManager;
class loginHandler implements AuthenticationSuccessHandlerInterface {
private $router;
private $container;
private static $key;
public function __construct(RouterInterface $router, EntityManager $em, $container) {
self::$key = '_security.secured_area.target_path';
$this->router = $router;
$this->em = $em;
$this->session = $container->get('session');
}
public function onAuthenticationSuccess( Request $request, TokenInterface $token ) {
$user_entity = $token->getUser();
if( !$user_entity->getChangePassword() ) {
$route = $this->router->generate('BaseBundle_home_page');
} else {
$this->session->getFlashBag()->add('error', 'Your password must be changed now');
$route = $this->router->generate('BaseBundle_account_page');
}
//check if the referer session key has been set
if ($this->session->has( self::$key )) {
//set the url based on the link they were trying to access before being authenticated
$route = $this->session->get( self::$key );
//remove the session key
$this->session->remove( self::$key );
//if the referer key was never set, redirect to a default route
} else{
$url = $this->generateUrl('BaseBundle_home_page');
return new RedirectResponse($route);
}
return new RedirectResponse($route);
}
}
答案 2 :(得分:4)
我也有这个问题。我使用了security.yml并在使用的注册操作中使用:
$redirectUrl = $request->getSession()->get('_security.account.target_path');
享受。
答案 3 :(得分:3)
Symfony使用HTTP Referer header将用户重定向回他们来自的页面..即推荐人
您可以使用security.yml中的安全配置use_referer: true
设置此项,details here
您可以使用以下命令从控制器访问referer标头:
$referer = $request->headers->get('referer');
注意标题拼写错误,其引用(一个r)