问题
how to get the current logged in user on non secured pages?
I have only an /account/ page which is secured through the firewall and the other pages are unprotected.
My global navigation has the following template (simplified):
{% if app.user %}
<a href="/account/data">...
<a href="/logout>...
{% else %}
<a href="/account/login">....
{% endif %}
Problem: The navigation with the logout link should be accessible on unsecured page too, but there is no UsernamePasswordToken...and symfony displays the login link, instead of the /logout and /account/data links. I configured all other pages with an anonymous listener, but it does not work properly.
is there a solution for it ?
回答1:
You can't get the user on a non-firewalled page. Enable the firewall for the whole app, allow anonymous access, and protect particular parts of the app with access_control:
security:
firewalls:
main:
pattern: ^/
anonymous: ~
access_control:
- { path: ^/protected, roles: ROLE_SOME }
来源:https://stackoverflow.com/questions/15363674/symfony-2-get-current-logged-in-user-on-non-secured-pages-through-firewall