Javascript 使用Symfony2的FOSUserBundle AJAX登录(路由)
我正在尝试使用FOSUserBundle实现AJAX身份验证 我已使用Javascript 使用Symfony2的FOSUserBundle AJAX登录(路由),javascript,php,ajax,symfony,fosuserbundle,Javascript,Php,Ajax,Symfony,Fosuserbundle,我正在尝试使用FOSUserBundle实现AJAX身份验证 我已使用AuthenticationHandler类创建了一个处理程序目录: <?php namespace BirdOffice\UserBundle\Handler; use Symfony\Component\HttpFoundation\Response; use Symfony\Component\HttpFoundation\RedirectResponse; use Symfony\Component\Rout
AuthenticationHandler类创建了一个处理程序目录
:
<?php
namespace BirdOffice\UserBundle\Handler;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\HttpFoundation\Session\Session;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\SecurityContextInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationFailureHandlerInterface;
class AuthenticationHandler implements AuthenticationSuccessHandlerInterface, AuthenticationFailureHandlerInterface
{
private $router;
private $session;
/**
* Constructor
*
* @param RouterInterface $router
* @param Session $session
*/
public function __construct( RouterInterface $router, Session $session )
{
$this->router = $router;
$this->session = $session;
}
/**
* onAuthenticationSuccess
*
* @param Request $request
* @param TokenInterface $token
* @return Response
*/
public function onAuthenticationSuccess( Request $request, TokenInterface $token )
{
// if AJAX login
if ( $request->isXmlHttpRequest() ) {
$array = array( 'success' => true ); // data to return via JSON
$response = new Response( json_encode( $array ) );
$response->headers->set( 'Content-Type', 'application/json' );
return $response;
// if form login
} else {
if ( $this->session->get('_security.main.target_path' ) ) {
$url = $this->session->get( '_security.main.target_path' );
} else {
$url = $this->router->generate( 'home_page' );
} // end if
return new RedirectResponse( $url );
}
}
/**
* onAuthenticationFailure
*
* @param Request $request
* @param AuthenticationException $exception
* @return Response
*/
public function onAuthenticationFailure( Request $request, AuthenticationException $exception )
{
// if AJAX login
if ( $request->isXmlHttpRequest() ) {
$array = array( 'success' => false, 'message' => $exception->getMessage() ); // data to return via JSON
$response = new Response( json_encode( $array ) );
$response->headers->set( 'Content-Type', 'application/json' );
return $response;
// if form login
} else {
// set authentication exception to session
$request->getSession()->set(SecurityContextInterface::AUTHENTICATION_ERROR, $exception);
return new RedirectResponse( $this->router->generate( 'login_route' ) );
}
}
}
在我的routingAjax.yml
中,我添加了以下行以覆盖FOSUserBundle安全路由
:
check_login_ajax:
pattern: /check_login_ajax
defaults: { _controller: FOSUserBundle:Security:check }
requirements:
_method: POST
options:
expose: true
在我的全局security.yml
文件中,我添加了检查路径
、成功处理程序
和失败处理程序
部分:
firewalls:
main:
pattern: ^/
form_login:
login_path: fos_user_registration_register
check_path: check_login_ajax
success_handler: user.security.authentication_handler
failure_handler: user.security.authentication_handler
provider: fos_userbundle
csrf_provider: form.csrf_provider
logout:
path: fos_user_security_logout
target: /
anonymous: true
我的第一个问题是:AJAX返回消息:“无效的CSRF令牌。”(但是我发送了一个用PHP生成的好消息,可能我错过了一些东西)。以下是我的PHP代码:
<?php
$csrfProvider = $this->container->get('form.csrf_provider');
$csrfToken = $csrfProvider->generateCsrfToken('popUpUser');
?>
第二个问题:我的登录页面(不是AJAX页面)不再工作,因为FOSUserBundle登录的原始路径已被覆盖
注:我昨天发了一条信息:但我解释得很糟糕。很抱歉。第一个问题:您发送的CSRF令牌无效。在Symfony 2.3中,您可以在模板的输入值中使用{{csrf_令牌('authenticate')}}
生成它
第二个问题:不要覆盖路由,只需使用原始路由:fos\u user\u security\u check
一般情况下:如果使用AuthenticationSuccessHandler
扩展Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler
,则您的方法可能如下所示:
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
if ($request->isXmlHttpRequest()) {
return new JsonResponse(array('success' => true));
}
return parent::onAuthenticationSuccess($request, $token);
}
对AuthenticationFailureHandler
扩展Symfony\Component\Security\Http\Authentication\DefaultAuthenticationFailureHandler
执行类似操作如果您使用的是symfony2.4,则令牌的生成已更改使用Security.csrf.token\u manager
而不是form.csrf\u provider
谢谢您的帮助你帮忙,我用的是Symfony 2.6.4。我只是将以下内容替换为:
,但仍然有相同的错误消息。
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
if ($request->isXmlHttpRequest()) {
return new JsonResponse(array('success' => true));
}
return parent::onAuthenticationSuccess($request, $token);
}