FOS用戶捆綁確認鏈接強制您登錄

Question

我被要求將確認電子郵件添加到CRM中，然後用戶將註冊，然後發送一封帶有鏈接的電子郵件進行確認以啓用其帳戶。但是，無論何時鏈接被點擊，它都會立即重定向到登錄頁面，因爲他們沒有確認它，所以這是毫無用處的。我試圖將其排除在security.yml文件中，但至今沒有運氣。

我已經試過：

- { path: ^/register/*, role: IS_AUTHENTICATED_ANONYMOUSLY } 

- { path: ^/confirm/, role: IS_AUTHENTICATED_ANONYMOUSLY } 

- { path: ^/register/confirm/*, role: IS_AUTHENTICATED_ANONYMOUSLY } 

但所有這些似乎工作。

按照要求，對於FOS登記的路由文件：

<?xml version="1.0" encoding="UTF-8" ?> 

<routes xmlns="http://symfony.com/schema/routing" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
    xsi:schemaLocation="http://symfony.com/schema/routing http://symfony.com/schema/routing/routing-1.0.xsd"> 

    <route id="fos_user_registration_register" path="/" methods="GET POST"> 
     <default key="_controller">FOSUserBundle:Registration:register</default> 
    </route> 

    <route id="fos_user_registration_check_email" path="/check-email" methods="GET"> 
     <default key="_controller">FOSUserBundle:Registration:checkEmail</default> 
    </route> 

    <route id="fos_user_registration_confirm" path="/confirm/{token}" methods="GET"> 
     <default key="_controller">FOSUserBundle:Registration:confirm</default> 
    </route> 

    <route id="fos_user_registration_confirmed" path="/confirmed" methods="GET"> 
     <default key="_controller">FOSUserBundle:Registration:confirmed</default> 
    </route> 

</routes> 

FOS用戶配置：

fos_user: 
    db_driver: orm 
    firewall_name: main 
    user_class: AppBundle\Entity\User 
    registration: 
     confirmation: 
      enabled: true 
      template: emails/registration.html.twig 
      from_email: 
       address:  noreply@siteemail.co.uk 
       sender_name: #sender name here# 
    resetting: 
     email: 
      from_email: 
       address:  noreply@siteemail.co.uk 
       sender_name: #sender name here# 
      template: emails/password_reset.html.twig 

Symfony的3.1/FOS用戶捆綁2.0 任何幫助理解。

Answer 1

恕我直言，因爲確認路線是path="/confirm/{token}"那麼您必須允許^/(confirm/){1}.+路徑在security.yml中匿名認證，因爲在確認過程中用戶還沒有通過認證。

所以編輯seciruty.yml到：- { path: '^/(confirm/){1}.+', role: IS_AUTHENTICATED_ANONYMOUSLY }

同時檢查網址的註冊電子郵件 - 它應該指向example.com/confirmation/???

Answer 2

檢查security.yml 這種配置有工作！

## app/config/security.yml 

## ... 

firewalls: 
    # This firewall is used to handle the public login area 
    # This part is handled by the FOS User Bundle 
    main: 
     pattern: ^/ 
     form_login: 
      # redirect to "/login" path if you aren't an admin 
      login_path: fos_user_security_login 
      check_path: fos_user_security_check 
      provider: fos_userbundle 
      #csrf_provider: form.csrf_provider 
      #always_use_default_target_path: true 
      #default_target_path: homepage 
      csrf_token_generator: security.csrf.token_manager 

     remember_me: 
      secret: '%secret%' 
      lifetime: 604800 
      domain: ".%domain_name%" 
      always_remember_me: true 
     anonymous: true 
     logout: 
      path: fos_user_security_logout 

另外，在同一security.yml您可以添加此行：

access_control: 
     - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY } 
     - { path: ^/logout$, role: IS_AUTHENTICATED_ANONYMOUSLY } 
     - { path: ^/login_check$, role: IS_AUTHENTICATED_ANONYMOUSLY } 
     - { path: ^/resetting, role: IS_AUTHENTICATED_ANONYMOUSLY } 

這個配置應該工作。 還有一些具有確定主機的另一種方法：

access_control: 
     - { path: ^/logout$,  host: ^%domain_name%$,   roles: IS_AUTHENTICATED_ANONYMOUSLY } 
     - { path: ^/login$,   host: ^%domain_name%$,   roles: IS_AUTHENTICATED_ANONYMOUSLY } 
     - { path: ^/register,  host: ^%domain_name%$,   roles: IS_AUTHENTICATED_ANONYMOUSLY } 
     - { path: ^/resetting,  host: ^%domain_name%$,   roles: ROLE_USER } 

%domain_name% - 是您的域名即example.com，你應該在app/config/parameters.yml