0
我试图创建一个多帐户的猎人,以防止用户使用IP可以在我的应用程序中创建多个帐户。Symfony2 FOSUSerBundle boost multiaccount users
我创建了一个FOSUserBunde的登录事件监听器,这里是函数。
class FOSUserLoginListener implements EventSubscriberInterface
{
private $em;
private $userManager;
private $router;
private $requestStack;
private $mailer;
private $templating;
public function __construct(UserManager $usermanager, Router $router, RequestStack $requestStack, TwigEngine $templating, EntityManager $em, $mailer)
{
$this->em = $em;
$this->userManager = $usermanager;
$this->router = $router;
$this->requestStack = $requestStack;
$this->mailer = $mailer;
$this->templating = $templating;
}
/**
* {@inheritDoc}
*/
public static function getSubscribedEvents()
{
return array(
FOSUserEvents::SECURITY_IMPLICIT_LOGIN => 'onImplicitLogin',
SecurityEvents::INTERACTIVE_LOGIN => 'onSecurityInteractiveLogin',
);
}
public function onSecurityInteractiveLogin(InteractiveLoginEvent $event)
{
$user = $event->getAuthenticationToken()->getUser();
if ($user instanceof UserInterface) {
$lastIp = $this->requestStack->getCurrentRequest()->getClientIp();
if($this->multiAccountChecker($lastIp))
{
$this->sendAlertToBanEmail($user, $lastIp);
$user->setLastIP($lastIp)
->setLocked(true);
$this->userManager->updateUser($user);
$this->userManager->reloadUser($user);
}
$user->setLastIP($lastIp);
$this->userManager->updateUser($user);
}
}
它工作正常,除了一个小毛刺。当我检测到具有相同IP的多个帐户时,数据存储在数据库中,但正在记录的用户不会使用“此帐户已锁定”消息关闭会话。
有人可以给我一些线索,以确保在多帐户的情况下用户被拒绝访问?