Redirect to "/login" if not logged in

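I need to redirect everyone to the /login route if:

  • the / route (app.php, app_dev.php) is accessed
  • someone tries to access any restricted area and the client belongs to a group or has the right credentials but is not logged in (not sure this will be necessary, since maybe Symfony handles this part)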

So I did this in security.yml:

security:
    encoders:
        FOS\UserBundle\Model\UserInterface: sha512
    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email
    firewalls:
        main:
            pattern: ^/
            anonymous: ~
            form_login:
                provider: fos_userbundle
                csrf_provider: form.csrf_provider
            logout:       true
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/admin/, role: ROLE_ADMIN }

And in routing.yml:

common:
    resource: "@CommonBundle/Controller/"
    type:     annotation
    options:
        expose: true
user:
    resource: "@UserBundle/Controller/"
    type:     annotation
    options:
        expose: true
# FOSUserBundle Routes
fos_user_security:
    resource: "@FOSUserBundle/Resources/config/routing/security.xml"
fos_user_profile:
    resource: "@FOSUserBundle/Resources/config/routing/profile.xml"
    prefix: /profile
fos_user_register:
    resource: "@FOSUserBundle/Resources/config/routing/registration.xml"
    prefix: /register
fos_user_resetting:
    resource: "@FOSUserBundle/Resources/config/routing/resetting.xml"
    prefix: /resetting
fos_user_change_password:
    resource: "@FOSUserBundle/Resources/config/routing/change_password.xml"
    prefix: /profile
fos_user_group:
    resource: "@FOSUserBundle/Resources/config/routing/group.xml"
    prefix: /group
#FOSJsRouting
fos_js_routing:
    resource: "@FOSJsRoutingBundle/Resources/config/routing/routing.xml"

Any time I access app_dev.php I end up in CommonController.php indexAction() and am not redirected to login. What am I missing?

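You need to close the whole site to unauthenticated users by adding a rule to access_control. However, to make sure /login is an exception to that rule, put the exception before it.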

access_control:
- { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, role: ROLE_USER }

Add this as the last line of your access control:

- { path: ^/, role: ROLE_USER }

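ROLE_USER means any user; you can use ROLE_ADMIN to restrict access to admins. You should also add another route to the list. There are more ways to do this in the controller or in your templates using the 'is_granted' method. To learn more, read the Symfony documentation on security.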
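
The first-match behaviour that both answers rely on, as an added example that is not part of the original posts or of Symfony's own code: a simplified Python model of access_control evaluation over the rule lists from this page. The function names, the probe paths and the MISORDERED_RULES list are constructed for illustration, and host, IP and method matching are ignored.

```python
import re

# Constructed copies of the rule lists on this page: (path regex, required role).
QUESTION_RULES = [
    (r"^/login$", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/register", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/resetting", "IS_AUTHENTICATED_ANONYMOUSLY"),
    (r"^/admin/", "ROLE_ADMIN"),
]
FIXED_RULES = QUESTION_RULES + [(r"^/", "ROLE_USER")]       # catch-all last
MISORDERED_RULES = [(r"^/", "ROLE_USER")] + QUESTION_RULES  # catch-all first (hypothetical mistake)
HIERARCHY = {"ROLE_ADMIN": ["ROLE_USER"], "ROLE_SUPER_ADMIN": ["ROLE_ADMIN"]}
PROBES = ["/", "/login", "/register/", "/resetting/request", "/admin/users", "/profile"]

def effective_roles(roles):
    """Expand a user's roles through role_hierarchy."""
    seen, stack = set(), list(roles)
    while stack:
        role = stack.pop()
        if role not in seen:
            seen.add(role)
            stack.extend(HIERARCHY.get(role, []))
    return seen

def decide(rules, path, roles=None):
    """Return 'allow', 'login' or 'deny'; roles=None models an anonymous visitor."""
    for pattern, required in rules:
        if re.search(pattern, path):      # only the first matching rule is consulted
            if required == "IS_AUTHENTICATED_ANONYMOUSLY":
                return "allow"
            if roles is None:
                return "login"            # anonymous visitor is sent to the login form
            return "allow" if required in effective_roles(roles) else "deny"
    return "allow"                        # no rule matched, so nothing is enforced

def shadowed(rules, probes=PROBES):
    """Patterns that never decide a probe path because an earlier rule matches first."""
    used = set()
    for path in probes:
        for index, (pattern, _) in enumerate(rules):
            if re.search(pattern, path):
                used.add(index)
                break
    return [rules[i][0] for i in range(len(rules)) if i not in used]

if __name__ == "__main__":
    for name, rules in [("question", QUESTION_RULES), ("fixed", FIXED_RULES),
                        ("misordered", MISORDERED_RULES)]:
        print(name, {p: decide(rules, p) for p in PROBES}, "shadowed:", shadowed(rules))
```

With the question's rules, / matches nothing and is served to anonymous visitors. With the catch-all placed first, even /login demands ROLE_USER, so every exception listed after it never takes effect.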