php – 在Symfony2中从AuthenticationHandler设置flashMessage
作者:互联网
我遇到了FOSUserBundle的问题,因为每次我使用错误的凭据登录时,我都会得到完整的堆栈跟踪作为错误消息:
Error! exception
‘Symfony\Component\Security\Core\Exception\BadCredentialsException’
with message ‘Bad credentials’ in
/var/www/html/vendor/symfony/symfony/src/Symfony/Component/Security/Core/Authentication/Provider/UserAuthenticationProvider.php:90
这对我来说很难看,所以对用户来说非常难看.所以我正在考虑两个解决方案:改为AJAX登录,我正在努力,但它没有工作或我做错了(将在下面解释)并找到一种方法来改变这个丑陋的消息(我没有得到这个,所以任何建议都会有所帮助).
现在关于第一个解决方案,这就是我所做的:
>实现AuthenticationHandler:
<?php
namespace UsuarioBundle\Handler;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Bundle\FrameworkBundle\Routing\Router;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
class AuthenticationHandler
implements AuthenticationSuccessHandlerInterface,
AuthenticationFailureHandlerInterface
{
private $router;
public function __construct(Router $router)
{
$this->router = $router;
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
if ($request->isXmlHttpRequest()) {
// do I need something here?
} else {
// If the user tried to access a protected resource and was forces to login
// redirect him back to that resource
if ($targetPath = $request->getSession()->get('_security.target_path')) {
$url = $targetPath;
} else {
// Otherwise, redirect him to wherever you want
$url = $this->router->generate('user_view', array('nickname' => $token->getUser()->getNickname()));
}
return new RedirectResponse($url);
}
}
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
if ($request->isXmlHttpRequest()) {
// Handle XHR here
} else {
// Create a flash message with the authentication error message
$request->getSession()->setFlash('error', $exception->getMessage());
$url = $this->router->generate('user_login');
return new RedirectResponse($url);
}
}
}
>定义服务并注册处理程序:
parameters:
vendor_security.authentication_handler: UsuarioBundle\Handler\AuthenticationHandler
services:
authentication_handler:
class: %vendor_security.authentication_handler%
arguments: [@router]
tags:
- { name: 'monolog.logger', channel: 'security' }
>更改security.yml中的引用:
防火墙:
主要:
模式:^ /
form_login:
提供者:fos_userbundle
csrf_provider:form.csrf_provider
login_path:/ login
check_path:/ login_check
success_handler:authentication_handler
failure_handler:authentication_handler
logout:
path: fos_user_security_logout
target: /
invalidate_session: false
anonymous: ~
但是当我尝试使用无效凭据登录时出现此错误:
Attempted to call method “setFlash” on class
“Symfony\Component\HttpFoundation\Session\Session” in
/var/www/html/src/UsuarioBundle/Handler/AuthenticationHandler.php line
52.
为什么?我检查了getSession()方法,它是HttpFoundation的一部分,我将其包含在use语句中,所以我在这里做错了什么?
注意:我主要从this主题中获取代码,所以我仍然对它有一些疑问.
解决方法:
$request-> getSession() – > setFlash(‘error’,’error’);是“旧”symfony版本的符号.
现在你应该使用
$reqest->getSession()->getFlashBag()->add('error', $exception->getMessage());
此外,您确定显示$exception文本消息是一个好习惯吗?我的意思是,我不知道在哪个页面会显示这个闪存,但是如果用户,甚至是管理员 – 当然对PHP和编程一般都不了解 – 可以看到页面,所以消息,您应该尝试为您的目的记录消息但是向用户显示其他内容.
标签:php,ajax,symfony,login,fosuserbundle 来源: https://codeday.me/bug/20190722/1506040.html