Php 如何在Silex中处理用户角色?
composer.jsonPhp 如何在Silex中处理用户角色?,php,mysql,symfony,silex,Php,Mysql,Symfony,Silex,composer.json "require": { . . . "doctrine/dbal": "~2.5.4", "doctrine/orm": "~2.5.4", "silex/silex": "~2.0", "symfony/security": "^3.1&qu
"require": {
.
.
.
"doctrine/dbal": "~2.5.4",
"doctrine/orm": "~2.5.4",
"silex/silex": "~2.0",
"symfony/security": "^3.1",
"symfony/security-csrf": "^3.1",
"twig/twig": "^1.24",
.
.
.
},
我正在使用Doctrin ORM,无法使安全上下文在Silex中工作:
MyNameSpace\Model\UserProvider(简化)
MyNameSpace\Model\User.php(简化)
MySQL数据库中用户表中的角色字段:
$app->register(new Provider\SecurityServiceProvider(), array(
'security.firewalls' => array(
'users' => array(
'pattern' => '^/users/.*$',
'anonymous' => false,
'form' => array(
'login_path' => '/login',
'check_path' => '/users/login_check',
),
'logout' => array(
'logout_path' => '/users/logout',
'invalidate_session' => true,
),
'users' => function() use($app){
return new UserProvider($app);
},
),
),
'security.role_hierarchy' => array(
'ROLE_USER' => array(),
'ROLE_CLIENT' => array('ROLE_USER'),
),
'security.access_rules' => array(
array('^/.+$', ''),
array('^/login', ''),
array('^/register', ''),
array('^/users/.*$', 'ROLE_USER'),
),
));
(ROLE\u USER
始终通过MyNameSpace\Model\USER:getRoles
方法添加)
安全服务提供商:
$app->register(new Provider\SecurityServiceProvider(), array(
'security.firewalls' => array(
'users' => array(
'pattern' => '^/users/.*$',
'anonymous' => false,
'form' => array(
'login_path' => '/login',
'check_path' => '/users/login_check',
),
'logout' => array(
'logout_path' => '/users/logout',
'invalidate_session' => true,
),
'users' => function() use($app){
return new UserProvider($app);
},
),
),
'security.role_hierarchy' => array(
'ROLE_USER' => array(),
'ROLE_CLIENT' => array('ROLE_USER'),
),
'security.access_rules' => array(
array('^/.+$', ''),
array('^/login', ''),
array('^/register', ''),
array('^/users/.*$', 'ROLE_USER'),
),
));
这意味着用户将获得身份验证,就好像我提交了错误的凭据一样,它会提醒我:
糟糕的凭证
但是如果凭据正确,标记
为空:
$app->get("/", function() use($app){
$token = $app['security.token_storage']->getToken();
if (null !== $token){
$user = $token->getUser();
$username = $user->getUsername();
return $app['twig']->render('page.html.twig', array(
'user' => $username
)
);
}else{
return $app['twig']->render('base.html.twig');
}
});
结果总是base.html.twig
笔记
- Silex文档不使用ORM,并将角色作为逗号分隔字符串存储在数据库中,如:
ROLE_CLIENT,ROLE_ADMIN
- 我使用序列化数组存储它:
a:2:{i:0;s:11:"ROLE_CLIENT";i:1;s:10;"ROLE_ADMIN";}
ROLE_CLIENT,ROLE_ADMIN
a:2:{i:0;s:11:"ROLE_CLIENT";i:1;s:10;"ROLE_ADMIN";}