1. 首页
  2. 问答
  3. Silex2:覆盖`DaoAuthenticationProvider`类的`checkAuthentication`方法

Silex2:覆盖`DaoAuthenticationProvider`类的`checkAuthentication`方法

2017-06-29 110 views
1

使用Silex 2,我坚持了几个小时才找到一种方法来覆盖DaoAuthenticationProvider类的checkAuthentication方法?Silex2:覆盖`DaoAuthenticationProvider`类的`checkAuthentication`方法

关于上下文:我使用自定义UserToken定义了身份验证侦听器和提供程序。

$app['security.authentication_listener.factory.sds'] = $app->protect(function ($name, $options) use ($app) { 
    // define the authentication provider object 
    $app['security.authentication_provider.'.$name.'.sds'] = function() use ($app) { 
     return new CustomAuthenticationProvider($app['user.provider'], $app['security.encoder_factory']); 
    }; 

    // define the authentication listener object 
    $app['security.authentication_listener.'.$name.'.sds'] = function() use ($app) { 
     return new CustomAuthenticationListener($app['security.token_storage'], $app['security.authentication_manager']); 
    }; 

    return array(
     // the authentication provider id 
     'security.authentication_provider.'.$name.'.sds', 
     // the authentication listener id 
     'security.authentication_listener.'.$name.'.sds', 
     // the entry point id 
     null, 
     // the position of the listener in the stack 
     'pre_auth' 
    ); 
});

但我需要自定义的DaoAuthenticationProvidercheckAuthentication当自定义身份验证提供利润归还成功进行身份验证令牌自动调用。

protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token) 
{ 
    $currentUser = $token->getUser(); 
    if ($currentUser instanceof UserInterface) { 
     if ($currentUser->getPassword() !== $user->getPassword()) { 
      throw new BadCredentialsException('The credentials were changed from another session.'); 
     } 
    } else { 
     if ('' === ($presentedPassword = $token->getCredentials())) { 
      throw new BadCredentialsException('The presented password cannot be empty.'); 
     } 

     if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) { 
      throw new BadCredentialsException('The presented password is invalid.'); 
     } 
    } 
}

解决方案

这样定义在app.php:

$app['security.authentication_provider.dao._proto'] = $app->protect(function ($name) use($app) { 
    return new \Trilogis\Classes\CustomUserAuthenticationProvider(
     $app['security.user_provider.' . $name], 
     $app['security.user_checker'], 
     $name, 
     $app['security.encoder_factory'] 
    ); 
});

来源

2017-06-29 sdespont

回答

2

您可以自定义的身份验证提供者,你可以从DaoAuthenticationProvider的时候扩展它。并在应用程序中重新定义身份验证提供程序定义:

... 

$app['security.authentication_provider.sds.dao'] = function() { 
    return new MyAuthenticationProvider(
     $app['security.user_provider.sds'], 
     $app['security.user_checker'], 
     'sds', 
     $app['security.encoder_factory'], 
     $app['security.hide_user_not_found'] 
    ); 
}; 

$app['security.authentication_listener.sds.form'] = function() { 
    return new CustomAuthenticationListener($app['security.token_storage'], $app['security.authentication_manager']); 
}; 

... 

$app->run();

来源

2017-06-29 13:47:20

+0

感谢您的帮助。在你的例子中,MyAuthenticationProvider是一个扩展UserAuthenticationProvider的类吗?这段代码必须是$ app ['security.authentication_listener.factory.sds']配置文件的一部分,还是之前/之后声明的? – sdespont

+0

1 - 在我的例子中 - 是的,2 - 我认为没有必要重新定义'security.authentication_listener.factory'。只是重新定义了听众。我改变了答案。 –

+0

谢谢,你给我提示我需要弄明白这一点。干净的解决方案在我问的问题的最后。 – sdespont

相关问题

 相关问题