我是Symfony2的新用戶,正在使用fosuserbundle。
我使用fosuserbundle創建了一個小型項目,它包含註冊、登錄、註銷,以及2個由單選按鈕組成的表單,用戶可在登錄或註冊後進行選擇並提交。
問題是:用戶註銷之後,如果他/她在瀏覽器中直接輸入表單的URL,例如(link for the first form of the project)或(link for the second form of the project),表單仍然會顯示!
我想保護這些鏈接,確保只有在用戶已經登錄時才顯示這些頁面。如何在使用fosuserbundle的Symfony項目中保護URL?
routing.yml
# Application routes followed by the FOSUserBundle routes, as pasted in the question.
# Each entry only maps a path to a controller action; nothing here restricts who may
# request the path. Whether a login is required is decided by the firewall and the
# access_control rules in security.yml.
InstituteProjectevents_student_homepage:
path: /hello/{name}
defaults: { _controller: InstituteProject:Default:index }
# The two form pages the question wants to be reachable only after login.
InstituteProjectevents_student_formpage:
path: /form
defaults: { _controller: InstituteProject:Default:form }
InstituteProjectevents_student_form:
path: /forms
defaults: { _controller: InstituteProject:Default:billboard }
InstituteProjectevents_student_eventsdayonedisplay:
path: /eventsdayonedisplay
defaults: { _controller: InstituteProject:Default:eventsdayonedisplay }
InstituteProjectevents_student_eventsdaytwodisplay:
path: /eventsdaytwodisplay
defaults: { _controller: InstituteProject:Default:eventsdaytwodisplay }
InstituteProjectevents_student_eventsregistered:
path: /eventsregistered
defaults: { _controller: InstituteProject:Default:eventsregistered }
# Login, login check and logout endpoints, pointed at the project's own Security controller.
fos_user_security_login:
path: /login
defaults: { _controller: InstituteProject:Security:login }
fos_user_security_check:
path: /login_check
defaults: { _controller: InstituteProject:Security:check }
fos_user_security_logout:
path: /logout
defaults: { _controller: InstituteProject:Security:logout }
# NOTE(review): "path:/" below has no space after the colon, so YAML will not read it as
# a key/value pair — possibly a paste artifact; confirm against the real file.
# NOTE(review): fos_user_profile_show and fos_user_registration_register both show "/".
# Presumably they come from separate routing files imported under different prefixes
# (the imports are not shown); which access_control path rule applies to them depends
# on those prefixes — confirm.
fos_user_profile_show:
path:/
defaults: { _controller: InstituteProject:Profile:show }
fos_user_profile_edit:
path: /edit
defaults: { _controller: InstituteProject:Profile:edit }
fos_user_registration_register:
path:/
defaults: { _controller: InstituteProject:Registration:register }
fos_user_registration_check_email:
path: /check-email
defaults: { _controller: InstituteProject:Registration:checkEmail }
# {token} is the confirmation token taken from the URL and passed to confirmAction.
fos_user_registration_confirm:
path: /confirm/{token}
defaults: { _controller: InstituteProject:Registration:confirm }
fos_user_registration_confirmed:
path: /confirmed
defaults: { _controller: InstituteProject:Registration:confirmed }
Security.yml
# app/config/security.yml
# Security configuration as pasted in the question: password encoder, role hierarchy,
# user provider, one firewall for the whole site, and the path-based access rules.
security:
encoders:
# NOTE(review): sha512 is a message-digest encoder; an adaptive encoder such as bcrypt is
# generally preferred where the installed Symfony version offers it. Switching encoders
# affects already-stored password hashes, so it needs a migration plan.
FOS\UserBundle\Model\UserInterface: sha512
role_hierarchy:
# A user holding the role on the left is also granted the role on the right.
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: ROLE_ADMIN
providers:
fos_userbundle:
id: fos_user.user_provider.username
firewalls:
main:
# ^/ puts every URL of the application behind this single firewall.
pattern: ^/
form_login:
provider: fos_userbundle
csrf_provider: form.csrf_provider
# After a successful login the user is sent to /forms by default.
default_target_path: /forms
logout:
path: fos_user_security_logout
target: fos_user_security_login
# Unauthenticated requests are let through the firewall as anonymous. From then on a
# page is refused only if an access_control rule (or the controller itself) demands
# a role, so every path without a matching rule below stays publicly reachable.
anonymous: true
access_control:
# Rules are checked from top to bottom and the first rule whose path matches is applied.
- { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/, role: ROLE_ADMIN }
# NOTE(review): no rule here matches /form, /forms, /eventsdayonedisplay,
# /eventsdaytwodisplay or /eventsregistered from routing.yml, which is consistent with
# the reported symptom that the forms still display after logout. Requiring a login for
# them means adding a rule for those paths, for example
#   - { path: ^/(form|forms|eventsdayonedisplay|eventsdaytwodisplay|eventsregistered)$, role: ROLE_USER }
# ROLE_USER is presumably held by every FOSUserBundle account — confirm. Any other page
# that must stay private needs a matching rule as well.
RegistrationController.php
<?php
/*
* This file is part of the FOSUserBundle package.
*
* (c) FriendsOfSymfony <http://friendsofsymfony.github.com/>
*
* For the full copyright and license information, please view the LICENSE
* file that was distributed with this source code.
*/
namespace InstituteProjecteventsBundle\Controller;
use FOS\UserBundle\FOSUserEvents;
use FOS\UserBundle\Event\FormEvent;
use FOS\UserBundle\Event\GetResponseUserEvent;
use FOS\UserBundle\Event\FilterUserResponseEvent;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpKernel\Exception\NotFoundHttpException;
use Symfony\Component\Security\Core\Exception\AccessDeniedException;
use FOS\UserBundle\Model\UserInterface;
/**
* Controller managing the registration
*
* @author Thibault Duplessis <[email protected]>
* @author Christophe Coevoet <[email protected]>
*/
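class RegistrationController extends Controller
{
    /**
     * Display the registration form and create the account when the form is valid.
     *
     * Dispatches REGISTRATION_INITIALIZE before the form is built, REGISTRATION_SUCCESS
     * before the user is saved and REGISTRATION_COMPLETED once a response exists. A
     * listener can short-circuit the action by setting a response on the first event,
     * or replace the default redirect by setting one on the second.
     *
     * @param Request $request Current HTTP request carrying the submitted form data
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function registerAction(Request $request)
    {
        /** @var $formFactory \FOS\UserBundle\Form\Factory\FactoryInterface */
        $formFactory = $this->get('fos_user.registration.form.factory');
        /** @var $userManager \FOS\UserBundle\Model\UserManagerInterface */
        $userManager = $this->get('fos_user.user_manager');
        /** @var $dispatcher \Symfony\Component\EventDispatcher\EventDispatcherInterface */
        $dispatcher = $this->get('event_dispatcher');

        $user = $userManager->createUser();
        // NOTE(review): the account is enabled before any e-mail confirmation happens in
        // this method; presumably a REGISTRATION_SUCCESS listener disables it again when
        // confirmation is configured — confirm.
        $user->setEnabled(true);

        $event = new GetResponseUserEvent($user, $request);
        $dispatcher->dispatch(FOSUserEvents::REGISTRATION_INITIALIZE, $event);

        if (null !== $event->getResponse()) {
            return $event->getResponse();
        }

        $form = $formFactory->createForm();
        $form->setData($user);
        $form->handleRequest($request);

        if ($form->isValid()) {
            $event = new FormEvent($form, $request);
            $dispatcher->dispatch(FOSUserEvents::REGISTRATION_SUCCESS, $event);

            $userManager->updateUser($user);

            // Fall back to the "confirmed" page when no listener supplied a response.
            if (null === $response = $event->getResponse()) {
                $url = $this->generateUrl('fos_user_registration_confirmed');
                $response = new RedirectResponse($url);
            }

            $dispatcher->dispatch(FOSUserEvents::REGISTRATION_COMPLETED, new FilterUserResponseEvent($user, $request, $response));

            return $response;
        }

        return $this->render('FOSUserBundle:Registration:register.html.twig', array(
            'form' => $form->createView(),
        ));
    }

    /**
     * Tell the user to check his email provider
     *
     * The address is read from the session and removed straight away, so the page can
     * be shown once per stored address.
     *
     * @return \Symfony\Component\HttpFoundation\Response
     *
     * @throws NotFoundHttpException When no user matches the address held in the session
     */
    public function checkEmailAction()
    {
        $email = $this->get('session')->get('fos_user_send_confirmation_email/email');
        $this->get('session')->remove('fos_user_send_confirmation_email/email');
        $user = $this->get('fos_user.user_manager')->findUserByEmail($email);

        if (null === $user) {
            throw new NotFoundHttpException(sprintf('The user with email "%s" does not exist', $email));
        }

        return $this->render('FOSUserBundle:Registration:checkEmail.html.twig', array(
            'user' => $user,
        ));
    }

    /**
     * Receive the confirmation token from user email provider and enable the account
     *
     * The stored token is cleared and the user enabled before the user is saved.
     * NOTE(review): nothing in this method logs the user in; presumably a listener on
     * REGISTRATION_CONFIRMED does that — confirm.
     *
     * @param Request $request Current HTTP request
     * @param string  $token   Confirmation token taken from the URL
     *
     * @return \Symfony\Component\HttpFoundation\Response
     *
     * @throws NotFoundHttpException When no user holds the given token
     */
    public function confirmAction(Request $request, $token)
    {
        /** @var $userManager \FOS\UserBundle\Model\UserManagerInterface */
        $userManager = $this->get('fos_user.user_manager');

        $user = $userManager->findUserByConfirmationToken($token);

        if (null === $user) {
            throw new NotFoundHttpException(sprintf('The user with confirmation token "%s" does not exist', $token));
        }

        /** @var $dispatcher \Symfony\Component\EventDispatcher\EventDispatcherInterface */
        $dispatcher = $this->get('event_dispatcher');

        $user->setConfirmationToken(null);
        $user->setEnabled(true);

        $event = new GetResponseUserEvent($user, $request);
        $dispatcher->dispatch(FOSUserEvents::REGISTRATION_CONFIRM, $event);

        $userManager->updateUser($user);

        // Fall back to the "confirmed" page when no listener supplied a response.
        if (null === $response = $event->getResponse()) {
            $url = $this->generateUrl('fos_user_registration_confirmed');
            $response = new RedirectResponse($url);
        }

        $dispatcher->dispatch(FOSUserEvents::REGISTRATION_CONFIRMED, new FilterUserResponseEvent($user, $request, $response));

        return $response;
    }

    /**
     * Tell the user his account is now confirmed
     *
     * Requires an authenticated user. Once the "deadline_day1" container parameter has
     * passed (Europe/Paris time), the "registrations closed" page is rendered instead.
     *
     * @return \Symfony\Component\HttpFoundation\Response
     *
     * @throws AccessDeniedException When the current user is not a UserInterface instance
     */
    public function confirmedAction()
    {
        $user = $this->getUser();
        if (!is_object($user) || !$user instanceof UserInterface) {
            throw new AccessDeniedException('This user does not have access to this section.');
        }

        // Kept as before: this changes the process-wide default timezone, which the
        // templates rendered below may rely on when they format dates.
        date_default_timezone_set('Europe/Paris');
        $paris = new \DateTimeZone('Europe/Paris');

        $now = new \DateTime('now', $paris);
        $deadline = date_create($this->container->getParameter('deadline_day1'), $paris);

        // Compare points in time, not formatted text: the former 'Y/m/d h:i:s a' strings
        // use a 12-hour clock, so "01:00:00 pm" sorted before "11:00:00 am" on the same
        // day and the deadline check gave wrong answers. A deadline that cannot be
        // parsed is treated as already passed, so a bad parameter closes registration
        // rather than leaving it open.
        if (false === $deadline || $now > $deadline) {
            return $this->render('InstituteProject:Default:registrationsclosed.html.twig');
        }

        return $this->render('InstituteProject:Default:confirmed.html.twig', array(
            'user' => $user,
        ));
    }
}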
謝謝阿希克·肖貝編輯這個問題。 – 2014-12-05 09:24:48