我在我的應用中使用ZfcUser模塊來保護對/ admin路由的訪問。當我想阻止/管理所有childroutes,除/登錄,/註冊等zfcuser - 白名單路由和所有的孩子郵件路由
爲了做到這一點,我已經添加了從這裏接受的答案代碼 - Zend Framework 2 - Global check for authentication with ZFCUser
protected $whitelist = array('zfcuser/login', 'default');
public function onBootstrap($e)
{
$app = $e->getApplication();
$em = $app->getEventManager();
$sm = $app->getServiceManager();
$list = $this->whitelist;
$auth = $sm->get('zfcuser_auth_service');
$em->attach(MvcEvent::EVENT_ROUTE, function($e) use ($list, $auth) {
$match = $e->getRouteMatch();
// No route match, this is a 404
if (!$match instanceof RouteMatch) {
return;
}
// Route is whitelisted
$name = $match->getMatchedRouteName();
if (in_array($name, $list)) {
return;
}
// User is authenticated
if ($auth->hasIdentity()) {
return;
}
// Redirect to the user login page, as an example
$router = $e->getRouter();
$url = $router->assemble(array(), array(
'name' => 'zfcuser/login'
));
$response = $e->getResponse();
$response->getHeaders()->addHeaderLine('Location', $url);
$response->setStatusCode(302);
return $response;
}, -100);
}
它但是它也阻止了對根路由的訪問 - 而且還有很多這樣的路由,我並不想將每一條路由都添加到白名單中。有沒有辦法限制只訪問/管理路線?
是的,這個解決方案到目前爲止做的工作!謝謝你的明確解釋,你再次拯救我:-) – ficus
你永遠是歡迎的! :) – unclexo