如何设置对 symfony 的访问

Posted 2023-02-16

【中文标题】如何设置对 symfony 的访问

【英文标题】：How to set access to symfony

【发布时间】：2019-10-26 06:47:33

【问题描述】：

我正在使用 symfony 4 和 fosuserbundle。

我有一个动态网址，用于设置语言快捷方式。 example.com/en

这将是用户登录时的默认 url。但是当他们没有登录时，他们会重定向到 example.com/en/login

在 route.yaml 我有以下路线

controllers:
    resource: '../src/Controller/'
    type: annotation
    prefix: /_locale
    requirements:
        _locale: '%app_locales%'
    defaults:
        _locale: '%locale%'

home:
    path: /
    controller: App\Controller\DefaultController::index

fos_user_security:
    prefix: /_locale
    resource: "@FOSUserBundle/Resources/config/routing/security.xml"

fos_user_registration:
    prefix: /_locale/register
    resource: "@FOSUserBundle/Resources/config/routing/registration.xml"

fos_user_resetting:
    prefix: /_locale/resetting
    resource: "@FOSUserBundle/Resources/config/routing/resetting.xml"

fos_user_profile:
    prefix: /_locale/profile
    resource: "@FOSUserBundle/Resources/config/routing/profile.xml"

在security.yaml中

security:
    encoders:
        App\Entity\User: plaintext

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER

    # https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username_email

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        secured_area:
            # this firewall applies to all URLs
            pattern: ^/

            # but the firewall does not require login on every page
            # denying access is done in access_control or in your controllers
            anonymous: ~

            # This allows the user to login by submitting a username and password
            # Reference: http://symfony.com/doc/current/cookbook/security/form_login_setup.html
            form_login:
                # fos user bundle handles the form login
                #provider: fos_userbundle
                # The route name that the login form submits to
                check_path: fos_user_security_check
                # The name of the route where the login form lives
                # When the user tries to access a protected page, they are redirected here
                login_path: fos_user_security_login
                # Secure the login form against CSRF
                # Reference: http://symfony.com/doc/current/cookbook/security/csrf_in_login_form.html
                csrf_token_generator: security.csrf.token_manager

            logout:
                # The route name the user can go to in order to logout
                path: fos_user_security_logout
                # The name of the route to redirect to after logging out
                target: homepage

    # Easy way to control access for large sections of your site
    # Note: Only the *first* access control that matches will be used
    access_control:
        -  path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY 
        -  path: ^/, roles: ROLE_USER 
        # -  path: ^/admin, roles: ROLE_ADMIN 
        # -  path: ^/profile, roles: ROLE_USER 

但是当我现在尝试打开该站点时，我总是收到权限被拒绝错误。

当我将第二条路径中的角色从“ROLE_USER”更改为 IS_AUTHENTICATED_ANONYMOUSLY 时，页面将打开，同时带有“登录”的链接，登录页面将正确打开并且我可以登录，但页面应该是“登录”- 仅限页面。

我认为我必须在 access_control 的路径中写一些东西，但我没有得到我必须在那里写的东西。

当我设置 access_denid_url 时，它也不起作用。

感谢您的帮助。

更新：

我在这里尝试以下设置：

access_denied_url:
    /[a-z]2/login
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
    -  path: ^/[a-z]2/login$, role: IS_AUTHENTICATED_ANONYMOUSLY 
    -  path: ^/, roles: ROLE_USER 
    # -  path: ^/admin, roles: ROLE_ADMIN 
    # -  path: ^/profile, roles: ROLE_USER 

文件“config/packages/security.yaml”不包含有效的 YAML：“/login$”附近出现意外字符

【参考方案1】：

我相信你在- path: ^/[a-z]2/login$, role: IS_AUTHENTICATED_ANONYMOUSLY 中的正则表达式

应该用引号引起来（单引号或双引号），这样做：

-  path: '^/[a-z]2/login$', role: IS_AUTHENTICATED_ANONYMOUSLY