0
为什么在我的调试面板中看到“您没有通过身份验证”。这个我有printscreen这个我想printscreen 我使用symfony_book,如果我有家里的所有工作正常,但:Symfony安全验证
在我的变种,用户在其他网站进行身份验证和我的网站我有用户数据的GET方法 - EMAIL ,密钥和参考
http://aog.local/app_dev.php/auth/[email protected]/962cc9a06924034d1285e8d75b2faf2d/00223311121
怎么有这个我可以做认证,我如何验证出现全局变量用户printscreen ????
我创建auth服务有点这项服务无法验证
我使用Symfony的2.6,并有实体开发者和用户扩展的suser - >的suser实现的UserInterface thgis是路由面向auth:
#Enter routing
artel_profile_auth:
path: /auth/{email}/{secretKey}/{referenceId}
defaults: { _controller: ArtelProfileBundle:DeveloperProfile:auth }
login_route:
path: /login
defaults: { _controller: ArtelProfileBundle:Security:login }
login_check:
path: /login_check
defaults: { _controller: ArtelProfileBundle:Security:securityCheck }
index:
pattern: /
defaults: { _controller: ArtelProfileBundle:Security:index }
和行动:
public function authAction($email, $secretKey, $referenceId)
{
$authenticator = $this->get('artel.profile.authenticator');
try {
$authDeveloper = $authenticator->auth($email, $secretKey, $referenceId);
return $this->redirect($this->generateUrl('artel_profile_homepage', array('username' => $authDeveloper->getUsername())) .'#personal-information');
} catch (\Exception $error) {
return new Response($error->getCode() . ': '.$error->getMessage());
}
}
和artel.profile.authenticator:
<?php
namespace Artel\ProfileBundle\Helper;
class Authenticator
{
const SESSION_NAME = 'developer_auth';
private $session;
private $secretAppKey;
private $developerRepository;
private $codeuserreferenceRepository;
public function __construct($session, $secretAppKey, $developerRepository, $codeuserreferenceRepository)
{
$this->session = $session;
$this->secretAppKey = $secretAppKey;
$this->developerRepository = $developerRepository;
$this->codeuserreferenceRepository = $codeuserreferenceRepository;
}
public function auth($email, $secretKey, $referenceId)
{
$this->validateSecretAppKey($secretKey, $referenceId);
//todo: We need to match $referenceId with email in validateDeveloper
$developer = $this->validateDeveloper($referenceId);
$this->setSession($developer);
return $developer;
}
public function authAdmin($email, $secretKey, $referenceId)
{
$this->validateSecretAppKey($secretKey, $referenceId);
//todo: We need to match $referenceId with email in validateDeveloper
$developer = $this->validateAdminDeveloper($referenceId);
$this->setSession($developer);
return $developer;
}
public function check($developer)
{
$result = false;
$session = $this->session->get(self::SESSION_NAME);
if ($session && $session == $developer->getId()) {
$result = true;
}
return $result;
}
public function logout()
{
$this->session->remove(self::SESSION_NAME);
}
protected function validateDeveloper($referenceId)
{
$code_user_reference = $this->codeuserreferenceRepository->findOneByCodereference($referenceId);
$id = $code_user_reference->getDeveloper()->getId();
$developer = $this->developerRepository->findOneById($id);
if (! $developer) {
$this->exception('developer not found', 100);
}
return $developer;
}
protected function validateAdminDeveloper($referenceId)
{
$code_user_reference = $this->codeuserreferenceRepository->findOneByCodereference($referenceId);
$id = $code_user_reference->getDeveloper()->getId();
$developer = $this->developerRepository->findOneById($id);
$role = $developer->getRole();
if ($role != 'ROLE_ADMIN') {
$this->exception('developer not Admin', 100);
}
return $developer;
}
protected function validateSecretAppKey($secretKey, $referenceId)
{
if ($secretKey != md5($referenceId.$this->secretAppKey)) {
$this->exception('secret ket is not valid', 101);
}
}
protected function setSession($developer)
{
$this->session->set(self::SESSION_NAME, $developer->getId());
}
protected function exception($message, $code)
{
throw new \Exception($message, $code);
}
}
但在调试面板中:“您没有通过身份验证。 “ 这是我secyrity,也许问题|
security:
encoders:
Artel\ProfileBundle\Entity\Users:
algorithm: sha1
encode_as_base64: false
iterations: 1
Artel\ProfileBundle\Entity\Developers:
algorithm: sha1
encode_as_base64: false
iterations: 1
Symfony\Component\Security\Core\User\User: plaintext
role_hierarchy:
ROLE_CLIENT: ROLE_USER
ROLE_COMPANY: ROLE_USER
ROLE_FREELANCER: ROLE_USER
ROLE_ADMIN: [ROLE_MODERATOR, ROLE_CLIENT, ROLE_COMPANY, ROLE_FREELANCER]
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_MODERATOR, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
chain_provider:
chain:
providers: [user_db, user_dev, in_memory]
providers: [user_dev, in_memory]
user_db:
entity: { class: Artel\ProfileBundle\Entity\Users, property: email }
user_dev:
entity: { class: Artel\ProfileBundle\Entity\Developer, property: email }
in_memory:
memory:
users:
admin_tyty: { password: adminpass_tyty, roles: [ 'ROLE_ADMIN' ] }
firewalls:
default:
anonymous: ~
http_basic: ~
form_login:
login_path: /login
check_path: /login_check
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: ROLE_ADMIN }
在我的变种,用户在其他网站进行身份验证和我的地盘我有GET方法的用户数据 - 电子邮件,密钥和参考
?http://aog.local/app_dev.php/auth/[email protected]/962cc9a06924034d1285e8d75b2faf2d/00223311121
在我的变种,用户在其他网站进行身份验证和我的地盘我有GET方法的用户数据, 'HTTP:// aog.local/app_dev.php/auth /中安阁@ gmail.com/962cc9a06924034d1285e8d75b2faf2d/00223311121' 我创建auth服务位,此服务未验证 –
像我的项目工作中的食谱和主页。但我有来自另一个网站的GET网址。我更新我的问题 –
如果你有一个无状态的应用程序,那么你将无法在那里验证你的用户,所以你应该找到一种方法,比如oAuth做一些验证,以获得你在问题中发布的第二个打印屏幕。 – Rvanlaak