I have a secured area for logged-in users, like this:
firewalls:
    members_secured_area:
        pattern: ^/
        provider: entity_searchers
        anonymous: ~
        form_login:
            check_path: /searchers/login_check
            login_path: /searchers/login
            default_target_path: /searchers/
        logout:
            path: /searchers/logout
            target: /searchers/login
    crm_secured_area:
        pattern: ^/crm/
        provider: entity_crmusers
        anonymous: ~
        form_login:
            check_path: /crm/login_check
            login_path: /crm/login
            default_target_path: /crm/customers
        logout:
            path: /crm/logout
            target: /crm/login
        remember_me:
            #token_provider: entity_crmusers
            key: someS3cretKey
            name: NameOfTheCookie
            lifetime: 3600 # in seconds
            secure: false
            httponly: true
            always_remember_me: false
            remember_me_parameter: _remember_me
access_control:
    members_login:
        path: /searchers/login
        roles: IS_AUTHENTICATED_ANONYMOUSLY
    members_register:
        path: /searchers/register
        roles: IS_AUTHENTICATED_ANONYMOUSLY
    members_area:
        path: /searchers/.*
        roles: ROLE_USER
    crm_login:
        path: /crm/login
        roles: IS_AUTHENTICATED_ANONYMOUSLY
    crm_register:
        path: /crm/register
        roles: IS_AUTHENTICATED_ANONYMOUSLY
    crm_area:
        path: /crm/.*
        roles: ROLE_CRM
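So when the user is in the secured area, I can see that he is logged in, but when he goes back to the home page or to the mysite.com/about page, I don't know whether he is logged in...
Is there a way to know?
In a controller, you can get the user with $this->getUser(). When the user is logged in, it returns an instance of the user class; otherwise it returns NULL, so you can do the following: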
$user = $this->getUser();
$is_logged = isset($user);
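$is_logged is a boolean: true if the user is logged in, false otherwise.
You only get a valid user under a secured area (determined by the pattern). So everything that does not match the given pattern is not under the firewall and has no user token. You can change this by securing the whole site and using new access rules: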
firewalls:
    crm_secured_area:
        pattern: ^/crm/
        # ... stuff
    members_secured_area:
        pattern: ^/
        anonymous: ~
        # ... all other config
access_control:
    # ... all your existing access rules
    - { path: ^/, role: IS_AUTHENTICATED_ANONYMOUSLY }
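The last rule allows anonymous access to all routes that have not matched any rule yet, and you can access the user token in all controllers (if one is authenticated).
Found this solution: just put this in the pattern of the main site: ^/(?!crm), which means excluding the crm folder.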
firewalls:
    members_secured_area:
        pattern: ^/(?!crm)
        provider: entity_searchers
        anonymous: ~
        form_login:
            check_path: /searchers/login_check
            login_path: /searchers/login
            default_target_path: /searchers/
        logout:
            path: /searchers/logout
            target: /searchers/login
    crm_secured_area:
        pattern: ^/crm/
        provider: entity_crmusers
        anonymous: ~
        form_login:
            check_path: /crm/login_check
            login_path: /crm/login
            default_target_path: /crm/customers
        logout:
            path: /crm/logout
            target: /crm/login
        remember_me:
            #token_provider: entity_crmusers
            key: someS3cretKey
            name: NameOfTheCookie
            lifetime: 3600 # in seconds
            secure: false
            httponly: true
            always_remember_me: false
            remember_me_parameter: _remember_me
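
An added example, not part of the original posts and not Symfony's own code: a simplified PHP model of firewall selection that compares the three pattern layouts discussed above. It assumes the first firewall whose pattern matches the request path handles the request; matchFirewall and the sample paths are constructed for illustration.

```php
<?php
// Added example: a simplified model of how a firewall is picked for a request.
// Assumption: firewalls are tried in configuration order and the first one
// whose pattern matches the path wins; a path matching none has no user token.

/** Return the name of the first firewall whose pattern matches $path, or null. */
function matchFirewall(array $firewalls, string $path): ?string
{
    foreach ($firewalls as $name => $pattern) {
        // '{' and '}' as delimiters, so '/' in the pattern needs no escaping.
        if (preg_match('{' . $pattern . '}', $path) === 1) {
            return $name;
        }
    }
    return null;
}

$configs = [
    'question: catch-all listed first' => [
        'members_secured_area' => '^/',
        'crm_secured_area'     => '^/crm/',
    ],
    'answer: crm first, catch-all last' => [
        'crm_secured_area'     => '^/crm/',
        'members_secured_area' => '^/',
    ],
    'answer: negative lookahead' => [
        'members_secured_area' => '^/(?!crm)',
        'crm_secured_area'     => '^/crm/',
    ],
];

// Constructed sample paths; /crm-docs is hypothetical and shows the edge case.
$paths = ['/', '/about', '/searchers/login', '/crm/customers', '/crm', '/crm-docs'];

foreach ($configs as $label => $firewalls) {
    echo $label, PHP_EOL;
    foreach ($paths as $path) {
        $hit = matchFirewall($firewalls, $path) ?? '(no firewall, no token)';
        printf("  %-18s -> %s\n", $path, $hit);
    }
}
```

In the first layout every path, including /crm/customers, lands in members_secured_area, so the CRM firewall is never reached. With ^/(?!crm), /crm and /crm-docs match no firewall at all; ^/(?!crm/) narrows the exclusion to paths under /crm/ only.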