0
爲什麼在我的調試面板中看到「您沒有通過身份驗證」。這個我有printscreen這個我想printscreen 我使用symfony_book,如果我有家裏的所有工作正常,但:Symfony安全驗證
在我的變種,用戶在其他網站進行身份驗證和我的網站我有用戶數據的GET方法 - EMAIL ,密鑰和參考
http://aog.local/app_dev.php/auth/[email protected]/962cc9a06924034d1285e8d75b2faf2d/00223311121
怎麼有這個我可以做認證,我如何驗證出現全局變量用戶printscreen ????
我創建auth服務有點這項服務無法驗證
我使用Symfony的2.6,並有實體開發者和用戶擴展的suser - >的suser實現的UserInterface thgis是路由面向auth:
#Enter routing
artel_profile_auth:
path: /auth/{email}/{secretKey}/{referenceId}
defaults: { _controller: ArtelProfileBundle:DeveloperProfile:auth }
login_route:
path: /login
defaults: { _controller: ArtelProfileBundle:Security:login }
login_check:
path: /login_check
defaults: { _controller: ArtelProfileBundle:Security:securityCheck }
index:
pattern: /
defaults: { _controller: ArtelProfileBundle:Security:index }
和行動:
public function authAction($email, $secretKey, $referenceId)
{
$authenticator = $this->get('artel.profile.authenticator');
try {
$authDeveloper = $authenticator->auth($email, $secretKey, $referenceId);
return $this->redirect($this->generateUrl('artel_profile_homepage', array('username' => $authDeveloper->getUsername())) .'#personal-information');
} catch (\Exception $error) {
return new Response($error->getCode() . ': '.$error->getMessage());
}
}
和artel.profile.authenticator:
<?php
namespace Artel\ProfileBundle\Helper;
class Authenticator
{
const SESSION_NAME = 'developer_auth';
private $session;
private $secretAppKey;
private $developerRepository;
private $codeuserreferenceRepository;
public function __construct($session, $secretAppKey, $developerRepository, $codeuserreferenceRepository)
{
$this->session = $session;
$this->secretAppKey = $secretAppKey;
$this->developerRepository = $developerRepository;
$this->codeuserreferenceRepository = $codeuserreferenceRepository;
}
public function auth($email, $secretKey, $referenceId)
{
$this->validateSecretAppKey($secretKey, $referenceId);
//todo: We need to match $referenceId with email in validateDeveloper
$developer = $this->validateDeveloper($referenceId);
$this->setSession($developer);
return $developer;
}
public function authAdmin($email, $secretKey, $referenceId)
{
$this->validateSecretAppKey($secretKey, $referenceId);
//todo: We need to match $referenceId with email in validateDeveloper
$developer = $this->validateAdminDeveloper($referenceId);
$this->setSession($developer);
return $developer;
}
public function check($developer)
{
$result = false;
$session = $this->session->get(self::SESSION_NAME);
if ($session && $session == $developer->getId()) {
$result = true;
}
return $result;
}
public function logout()
{
$this->session->remove(self::SESSION_NAME);
}
protected function validateDeveloper($referenceId)
{
$code_user_reference = $this->codeuserreferenceRepository->findOneByCodereference($referenceId);
$id = $code_user_reference->getDeveloper()->getId();
$developer = $this->developerRepository->findOneById($id);
if (! $developer) {
$this->exception('developer not found', 100);
}
return $developer;
}
protected function validateAdminDeveloper($referenceId)
{
$code_user_reference = $this->codeuserreferenceRepository->findOneByCodereference($referenceId);
$id = $code_user_reference->getDeveloper()->getId();
$developer = $this->developerRepository->findOneById($id);
$role = $developer->getRole();
if ($role != 'ROLE_ADMIN') {
$this->exception('developer not Admin', 100);
}
return $developer;
}
protected function validateSecretAppKey($secretKey, $referenceId)
{
if ($secretKey != md5($referenceId.$this->secretAppKey)) {
$this->exception('secret ket is not valid', 101);
}
}
protected function setSession($developer)
{
$this->session->set(self::SESSION_NAME, $developer->getId());
}
protected function exception($message, $code)
{
throw new \Exception($message, $code);
}
}
但在調試面板中:「您沒有通過身份驗證。 「 這是我secyrity,也許問題|
security:
encoders:
Artel\ProfileBundle\Entity\Users:
algorithm: sha1
encode_as_base64: false
iterations: 1
Artel\ProfileBundle\Entity\Developers:
algorithm: sha1
encode_as_base64: false
iterations: 1
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_CLIENT: ROLE_USER
ROLE_COMPANY: ROLE_USER
ROLE_FREELANCER: ROLE_USER
ROLE_ADMIN: [ROLE_MODERATOR, ROLE_CLIENT, ROLE_COMPANY, ROLE_FREELANCER]
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_MODERATOR, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
chain_provider:
chain:
providers: [user_db, user_dev, in_memory]
providers: [user_dev, in_memory]
user_db:
entity: { class: Artel\ProfileBundle\Entity\Users, property: email }
user_dev:
entity: { class: Artel\ProfileBundle\Entity\Developer, property: email }
in_memory:
memory:
users:
admin_tyty: { password: adminpass_tyty, roles: [ 'ROLE_ADMIN' ] }
firewalls:
default:
anonymous: ~
http_basic: ~
form_login:
login_path: /login
check_path: /login_check
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: ROLE_ADMIN }
在我的變種,用戶在其他網站進行身份驗證和我的地盤我有GET方法的用戶數據 - 電子郵件,密鑰和參考
?http://aog.local/app_dev.php/auth/[email protected]/962cc9a06924034d1285e8d75b2faf2d/00223311121
在我的變種,用戶在其他網站進行身份驗證和我的地盤我有GET方法的用戶數據, 'HTTP:// aog.local/app_dev.php/auth /中安閣@ gmail.com/962cc9a06924034d1285e8d75b2faf2d/00223311121' 我創建auth服務位,此服務未驗證 –
像我的項目工作中的食譜和主頁。但我有來自另一個網站的GET網址。我更新我的問題 –
如果你有一個無狀態的應用程序,那麼你將無法在那裏驗證你的用戶,所以你應該找到一種方法,比如oAuth做一些驗證,以獲得你在問題中發佈的第二個打印屏幕。 – Rvanlaak