Accessing app.user in unsecured area, silex

人走茶凉 submitted on 2019-12-08 06:58:33

Question


I have this configuration for the firewall:

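$app->register(new Silex\Provider\SecurityServiceProvider(), array(
    // Firewalls are configured under the 'security.firewalls' parameter.
    'security.firewalls' => array(
        // Firewall covering only the /admin area; users log in here.
        'admin' => array(
            'pattern' => '^/admin',
            'form' => array(
                'login_path' => '/#login',
                'check_path' => '/admin/login_check',
            ),
            'logout' => array(
                'logout_path' => '/admin/logout',
            ),
        ),
        // Separate catch-all firewall for every other URL.
        'unsecured' => array(
            'anonymous' => true,
            'pattern' => '^.*$',
        ),
    ),
));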

and also this for security.rules:

$app['security.access_rules'] = array(
    array('^/admin', 'ROLE_ADMIN'),
    array('.*', 'IS_AUTHENTICATED_ANONYMOUSLY'),
);

I saw this answer: "Silex/Symfony Security Firewall Access user token outside the secured area". But the problem is, I cannot access app.user on the "/" page, and is_granted (in Twig) always returns false for any input.

I don't know if the ACL mentioned in that answer is something else (other than the access_rules) or if I am doing something wrong.


Answer 1:


I believe a user (token) is only accessible within the firewall that logged it in. So as long as you are within the /admin part of your site you would have access to app.user, but not within the "unsecured" firewall.

To have the behaviour you are looking for, you need to have one overall/sitewide firewall with the pattern of ^/ and then use access rules to restrict access to /admin.

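$app->register(new Silex\Provider\SecurityServiceProvider(), array(
    // Firewalls are configured under the 'security.firewalls' parameter.
    'security.firewalls' => array(
        // One sitewide firewall, so the token is available on every page.
        'main' => array(
            'pattern' => '^/',
            'anonymous' => true,
            'form' => array(
                'login_path' => '/#login',
                'check_path' => '/admin/login_check',
            ),
            'logout' => array(
                'logout_path' => '/admin/logout',
            ),
        ),
    ),
));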

$app['security.access_rules'] = array(
    array('^/admin', 'ROLE_ADMIN'),
    array('^/', 'IS_AUTHENTICATED_ANONYMOUSLY'),
);

So a brand new user to your site would be immediately authenticated anonymously, until they login with a role that allows them to access /admin.

It's also worth noting that if you were to have your login form within the admin area, as something like /admin/login, then you would need to add an anonymous access rule for the login URL.

Hope this helps!



Source: https://stackoverflow.com/questions/21909574/accessing-app-user-in-unsecured-area-silex
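
The login-URL caveat at the end of the answer above, as an added example that is not part of the original answer or Silex's own code: a simplified PHP model of access rules being checked in order, where the first matching pattern decides. The /admin/login path is the answer's hypothetical; the helper names requiredRole and isAllowed and the sample requests are constructed for illustration.

```php
<?php
// Simplified model of first-match access-rule evaluation (illustrative only,
// not Symfony's AccessMap / AccessDecisionManager code).

/** Return the role required by the first rule whose pattern matches $path, or null. */
function requiredRole(string $path, array $rules): ?string
{
    foreach ($rules as [$pattern, $role]) {
        // Patterns are unanchored at the end, so '^/admin' also matches '/admin/login'.
        if (preg_match('{' . $pattern . '}', rawurldecode($path)) === 1) {
            return $role;
        }
    }
    return null; // no rule matched: nothing is required
}

/** $userRoles is an empty array for an anonymous visitor. */
function isAllowed(string $path, array $userRoles, array $rules): bool
{
    $role = requiredRole($path, $rules);
    if ($role === null || $role === 'IS_AUTHENTICATED_ANONYMOUSLY') {
        return true; // every visitor behind an 'anonymous' firewall holds a token
    }
    return in_array($role, $userRoles, true);
}

// Rules from the answer, with the login exception placed first (reachable)...
$loginFirst = [
    ['^/admin/login$', 'IS_AUTHENTICATED_ANONYMOUSLY'],
    ['^/admin', 'ROLE_ADMIN'],
    ['^/', 'IS_AUTHENTICATED_ANONYMOUSLY'],
];
// ...and placed after the broader ^/admin rule, where it is never reached.
$loginLast = [
    ['^/admin', 'ROLE_ADMIN'],
    ['^/admin/login$', 'IS_AUTHENTICATED_ANONYMOUSLY'],
    ['^/', 'IS_AUTHENTICATED_ANONYMOUSLY'],
];

// Constructed sample requests: [path, roles held by the visitor].
$cases = [['/', []], ['/admin/login', []], ['/admin/users', []], ['/admin/users', ['ROLE_ADMIN']]];
foreach (['login rule first' => $loginFirst, 'login rule last' => $loginLast] as $label => $rules) {
    echo "== $label ==\n";
    foreach ($cases as [$path, $roles]) {
        printf("%-14s %-12s %s\n", $path, $roles ? implode(',', $roles) : 'anonymous',
            isAllowed($path, $roles, $rules) ? 'allowed' : 'denied');
    }
}
```

With the login rule listed last, an anonymous visitor is denied the login page itself, because the broader ^/admin rule matches first.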
