Symfony sfDoctrineGuardPlugin custom login query

2019-05-11 00:10发布

站内问答 / 前沿技术
837 3 5

I use symfony sfDoctrineGuardPlugin to manage authentication for both frontend users and backend users. It's fine, except that I don't want frontend users to be able to login to the backend app. I can setup credentials, but credentials are checked after a user gets authenticated. What I want is to have sigin in form to never validate for a user, that is not in a backend group. How can I do this?

3条回答
等我变得足够好
2楼-- · 2019-05-11 00:16

I think I found a better solution. sfDoctrineGuard plugin has its own post validator that checks for an optional callable for user retrival.

//app.yml
all:
  sf_guard_plugin:
    retrieve_by_username_callable: sfGuardUser::getForBackend

//sfGuardUser.class.php

  public static function getForBackend($username)
  {
    $query = Doctrine::getTable('sfGuardUser')->createQuery('u')
      ->leftJoin('u.Groups g')
      ->leftJoin('g.Permissions p')
      ->where('u.username = ? OR u.email_address = ?', array($username, $username))
      ->addWhere('u.is_active = ?', true)
      ->addWhere('p.name = ?', 'backend');

    return $query->fetchOne();
  }
查看更多
0人赞 添加讨论(0) 举报
祖国的老花朵
3楼-- · 2019-05-11 00:23

I think you just have to add:

  storage:
    class: sfSessionStorage
    param:
      session_name: sf_backend

at the end of your backend/config/factories.yml By default, symfony shares session cookies, with this solution, symfony separate this cookies.

查看更多
0人赞 添加讨论(0) 举报
小情绪 Triste *
4楼-- · 2019-05-11 00:41

Here's one idea: You could try creating a custom post-validator for the login form. Here's a Google result:

http://www.symfony-project.org/blog/2008/09/05/call-the-expert-how-to-implement-a-conditional-validator

In this validator, you could check whether the user belongs to the group in question and then throw an error accordingly. The user would not get authenticated.

查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(5)