新Symfony用户在这里…
Symfony文档中的示例实际上没有任何关于如何正确注销的示例。这是我的security.yml
security:
encoders:
Symfony'Component'Security'Core'User'User: plaintext
AppBundle'Entity'User: bcrypt
role_hierarchy:
ROLE_ADMIN: [ROLE_USER]
providers:
chain_provider:
chain:
providers: [in_memory, user_db]
in_memory:
memory:
users:
admin: { password: adminpass, roles: ROLE_ADMIN }
user_db:
entity: { class: AppBundle:User, property: username }
firewalls:
main:
pattern: /.*
form_login:
login_path: /login
check_path: /login_check
default_target_path: /
logout:
path: /logout
target: /
invalidate_session: true
delete_cookies:
name:
path: null
domain: null
security: true
anonymous: true
access_control:
- { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /cms/user, roles: ROLE_ADMIN }
- { path: /.*, roles: IS_AUTHENTICATED_ANONYMOUSLY }
我对这些设置的印象是,只要点击/logout路由,会话就会被破坏,用户将被重定向到登录页面。然而,在尝试这样做时,我得到一个no route found错误。
我发现这段代码在这里的堆栈溢出…
$this->get('security.token_storage')->setToken(null);
$this->get('request')->getSession()->invalidate();
很好,但是我对Symfony太陌生了,我不知道把它放在哪里。Stack上的所有示例都给出了该代码,但没有说明如何实现它。我要这样写一个注销操作吗?
/**
* @Route("/logout")
*/
public function logoutAction() {
$this->get('security.token_storage')->setToken(null);
$this->get('request')->getSession()->invalidate();
//if this works how do I redirect to another route,
//specifically back to /login
return $this->render(
//do i need a template?
//do i need the array here?
);
}
无需在控制器中编写注销操作。您所要做的就是添加带有注销路径的路由。In app/config/routing.yml
:
user_logout:
path: /logout