
Silex/Symfony Security Firewall Access user token

Posted 2020-05-07 15:28

Question:

I use Silex and the SecurityProvider. My firewall:

$app->register(new Silex\Provider\SecurityServiceProvider(), array(
  'security.firewalls' => array(
    'user' => array(
      'pattern' => '^/user/',
      'form' => array(
        'login_path' => '/connexion',
        'check_path' => '/user/login_check',
        'default_target_path' => 'homepage_user'
        ),
      'logout' => array('logout_path' => '/user/deconnexion')
      ...
      )
    )
  ));

It works! But I didn't find any way to access the user object in the template; the Symfony syntax doesn't work:

{{ app.user }}

So I added a new global in Twig like this:

$app['twig'] = $app->share($app->extend('twig', function($twig, $app) {
  $token = $app['security']->getToken();
  $user = ($token === null) ? null : $token->getUser();
  $twig->addGlobal('user', $user);
  return $twig;
}));

It works, but not outside the secured area: $token is null.

My question is simple: how can I access the user outside of the secured area?

Thank you

EDIT: I tried to add a firewall with anonymous = true, like this:

$app->register(new Silex\Provider\SecurityServiceProvider(), array(
  'security.firewalls' => array(
    'user' => array(
      'pattern' => '^/user/',
      'form' => array(
        'login_path' => '/connexion',
        'check_path' => '/user/login_check',
        'default_target_path' => 'homepage_user'
        ),
      'logout' => array('logout_path' => '/user/deconnexion'),
      ...
      ),
    'unsecured' => array(
      'anonymous' => true
      )
    )
  ));

But it doesn't work: outside of the secured area, when the user is logged in, the token is "anon."

Answer 1:

But then what you need to do is put that page under the firewall too. Change the firewall setting so that / is the firewall, and add an ACL so anonymous users can also enter /. Then you can have the user data there.

Where you load your header data, you check whether the user is authenticated or not, because this is the main thing: isGranted('IS_AUTHENTICATED_REMEMBERED'), and depending on the result, you include a different template file.



Answer 2:

The user information is only available in secured areas; to get access outside of these areas as well, you must allow anonymous users as described in the documentation:

$app['security.firewalls'] = array(
    'unsecured' => array(
        'anonymous' => true,

        // ...
    ),
);
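
The approach from both answers combined, as an added example that is not code from the question or from either answer: a single firewall covers the whole site with anonymous access, so the logged-in token is available on every URL, and `security.access_rules` restricts `/user/`. It assumes Silex 1.x (as the `$app->share` call in the question implies); the firewall name `main`, the `demo` user, its password placeholder and the `views` directory are constructed for illustration.

```php
<?php
// Added example, Silex 1.x assumed; not the asker's or the answerers' code.
require_once __DIR__ . '/vendor/autoload.php';

$app = new Silex\Application();
$app->register(new Silex\Provider\SessionServiceProvider());
$app->register(new Silex\Provider\UrlGeneratorServiceProvider());
$app->register(new Silex\Provider\TwigServiceProvider(), array(
    'twig.path' => __DIR__ . '/views', // assumed template directory
));

$app->register(new Silex\Provider\SecurityServiceProvider(), array(
    'security.firewalls' => array(
        // One firewall for the whole site: the session token is loaded on
        // every URL instead of only under ^/user/.
        'main' => array(
            'pattern'   => '^/',
            'anonymous' => true, // visitors without a session get an "anon." token
            'form'      => array(
                'login_path'          => '/connexion',
                'check_path'          => '/user/login_check',
                'default_target_path' => 'homepage_user',
            ),
            'logout' => array('logout_path' => '/user/deconnexion'),
            // Constructed in-memory user; the second element must be a real
            // encoded password, shown here as a placeholder.
            'users'  => array('demo' => array('ROLE_USER', 'ENCODED_PASSWORD_PLACEHOLDER')),
        ),
    ),
    // Authorization no longer follows from the firewall pattern: this rule is
    // what keeps /user/ closed to anonymous visitors.
    'security.access_rules' => array(
        array('^/user/', 'ROLE_USER'),
    ),
));

// Expose the user to every template; null for anonymous visitors.
$app['twig'] = $app->share($app->extend('twig', function ($twig, $app) {
    $token = $app['security']->getToken();
    // isGranted() throws when no token is set, so test for null first.
    $loggedIn = $token !== null
        && $app['security']->isGranted('IS_AUTHENTICATED_REMEMBERED');
    $twig->addGlobal('user', $loggedIn ? $token->getUser() : null);
    return $twig;
}));
```

With the pattern widened to `^/`, every path that previously relied on the firewall pattern for protection needs a matching entry in `security.access_rules`; a missing rule leaves that path open to anonymous visitors.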