Php Silex2:覆盖'DaoAuthenticationProvider'类的'checkAuthentication'方法_Php_Symfony_Authentication_Silex

Php Silex2:覆盖'DaoAuthenticationProvider'类的'checkAuthentication'方法

php symfony authentication

Php Silex2:覆盖'DaoAuthenticationProvider'类的'checkAuthentication'方法,php,symfony,authentication,silex,Php,Symfony,Authentication,Silex,使用Silex 2，我花了好几个小时才找到覆盖DaoAuthenticationProvider类的checkAuthentication方法的方法关于上下文：我使用自定义UserToken定义了身份验证侦听器和提供程序 $app['security.authentication_listener.factory.sds'] = $app->protect(function ($name, $options) use ($app) { // define the authenti

使用Silex 2，我花了好几个小时才找到覆盖

DaoAuthenticationProvider

类的

checkAuthentication

方法的方法

关于上下文：我使用自定义

UserToken

定义了身份验证侦听器和提供程序

$app['security.authentication_listener.factory.sds'] = $app->protect(function ($name, $options) use ($app) {
    // define the authentication provider object
    $app['security.authentication_provider.'.$name.'.sds'] = function () use ($app) {
        return new CustomAuthenticationProvider($app['user.provider'], $app['security.encoder_factory']);
    };

    // define the authentication listener object
    $app['security.authentication_listener.'.$name.'.sds'] = function () use ($app) {
        return new CustomAuthenticationListener($app['security.token_storage'], $app['security.authentication_manager']);
    };

    return array(
        // the authentication provider id
        'security.authentication_provider.'.$name.'.sds',
        // the authentication listener id
        'security.authentication_listener.'.$name.'.sds',
        // the entry point id
        null,
        // the position of the listener in the stack
        'pre_auth'
    );
});

但是我需要自定义

DaoAuthenticationProvider

的

checkAuthentication

，当自定义身份验证提供程序返回成功验证的令牌时，会自动调用它

protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
{
    $currentUser = $token->getUser();
    if ($currentUser instanceof UserInterface) {
        if ($currentUser->getPassword() !== $user->getPassword()) {
            throw new BadCredentialsException('The credentials were changed from another session.');
        }
    } else {
        if ('' === ($presentedPassword = $token->getCredentials())) {
            throw new BadCredentialsException('The presented password cannot be empty.');
        }

        if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
            throw new BadCredentialsException('The presented password is invalid.');
        }
    }
}

解决方案

在app.php中定义如下：

$app['security.authentication_provider.dao._proto'] = $app->protect(function ($name) use($app) {
    return new \Trilogis\Classes\CustomUserAuthenticationProvider(
        $app['security.user_provider.' . $name],
        $app['security.user_checker'],
        $name,
        $app['security.encoder_factory']
    );
});

您可以创建自定义身份验证提供程序，也可以从DaoAuthenticationProvider扩展它。并在应用程序中重新定义身份验证提供程序定义：

...

$app['security.authentication_provider.sds.dao'] = function() {
    return new MyAuthenticationProvider(
        $app['security.user_provider.sds'],
        $app['security.user_checker'],
        'sds',
        $app['security.encoder_factory'],
        $app['security.hide_user_not_found']
    );
};

$app['security.authentication_listener.sds.form'] = function() {
    return new CustomAuthenticationListener($app['security.token_storage'], $app['security.authentication_manager']);
};

...

$app->run();

谢谢你的帮助。在您的示例中，

MyAuthenticationProvider

是一个扩展

UserAuthenticationProvider

的类，对吗？这段代码必须是$app['security.authentication\u listener.factory.sds']配置的一部分，或者在？1之前/之后声明-在我的示例中-是的，2-我认为没有必要重新定义

security.authentication\u listener.factory

。只需重新定义侦听器。我改变了答案。谢谢你，你给我的提示，我需要弄明白这一点。我问的问题的最后是一个干净的解决方案。