我需要将所有人重定向到路由/login
,如果:
-
/
路由(app.php
或app_dev.php
)访问 - 尝试访问任何受限区域和客户端属于组或有正确的凭据,但它没有登录(不确定这将是必要的,因为也许Symfony处理这部分)
所以我在security.yml
:
security:
encoders:
FOS'UserBundle'Model'UserInterface: sha512
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
providers:
fos_userbundle:
id: fos_user.user_provider.username_email
firewalls:
main:
pattern: ^/
anonymous: ~
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
logout: true
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
access_control:
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
在routing.yml
中:
common:
resource: "@CommonBundle/Controller/"
type: annotation
options:
expose: true
user:
resource: "@UserBundle/Controller/"
type: annotation
options:
expose: true
# FOSUserBundle Routes
fos_user_security:
resource: "@FOSUserBundle/Resources/config/routing/security.xml"
fos_user_profile:
resource: "@FOSUserBundle/Resources/config/routing/profile.xml"
prefix: /profile
fos_user_register:
resource: "@FOSUserBundle/Resources/config/routing/registration.xml"
prefix: /register
fos_user_resetting:
resource: "@FOSUserBundle/Resources/config/routing/resetting.xml"
prefix: /resetting
fos_user_change_password:
resource: "@FOSUserBundle/Resources/config/routing/change_password.xml"
prefix: /profile
fos_user_group:
resource: "@FOSUserBundle/Resources/config/routing/group.xml"
prefix: /group
#FOSJsRouting
fos_js_routing:
resource: "@FOSJsRoutingBundle/Resources/config/routing/routing.xml"
任何时候我访问app_dev.php
我去CommonController.php
在indexAction()
和不重定向登录,我错过了什么?
您需要通过向access_control
添加一条规则,使整个站点对未经过身份验证的用户关闭。但是,要确保/login
是该规则的一个例外,将异常放在它前面。
access_control:
- { path: ^/login, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, role: ROLE_USER }
将此添加为访问控制的最后一行:
- { path: ^/, role: ROLE_USER }
ROLE_USER表示任何用户,您可以使用ROLE_ADMIN来限制对admins的访问。您还应该向列表中添加另一个路由。在控制器或你的模板中有更多的方法使用' is_granting '方法。要了解更多信息,请阅读Symfony关于安全性的文档。