[Symfony 5]注销后的确认消息
在Symfony 5上,使用内置登录系统,似乎无法在注销后添加确认消息。我严格遵循了上面描述的步骤。不幸的是,SecurityController中的注销方法是无用的。我直接在登录页面上被重定向 这里有我的security.yaml文件:[Symfony 5]注销后的确认消息,symfony,security,logout,Symfony,Security,Logout,在Symfony 5上,使用内置登录系统,似乎无法在注销后添加确认消息。我严格遵循了上面描述的步骤。不幸的是,SecurityController中的注销方法是无用的。我直接在登录页面上被重定向 这里有我的security.yaml文件: security: encoders: App\Entity\User: algorithm: auto # https://symfony.com/doc/current/security.html#where-do-users-
security:
encoders:
App\Entity\User:
algorithm: auto
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
# used to reload user from session & other features (e.g. switch_user)
app_user_provider:
entity:
class: App\Entity\User
property: email
# used to reload user from session & other features (e.g. switch_user)
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: lazy
provider: app_user_provider
guard:
authenticators:
- App\Security\LoginFormAuthenticator
logout:
path: logout
target: login
remember_me:
secret: '%kernel.secret%'
lifetime: 604800 # 1 week in seconds
path: home
always_remember_me: true
# activate different ways to authenticate
# https://symfony.com/doc/current/security.html#firewalls-authentication
# https://symfony.com/doc/current/security/impersonating_user.html
# switch_user: true
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/logout$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: IS_AUTHENTICATED_FULLY }
- { path: ^/admin, roles: [IS_AUTHENTICATED_FULLY, ROLE_ADMIN] }
- { path: ^/profile, roles: [IS_AUTHENTICATED_FULLY, ROLE_USER] }
以及控制器:
<?php
namespace App\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
class SecurityController extends AbstractController
{
public function login(AuthenticationUtils $authenticationUtils): Response
{
if ($this->getUser()) {
return $this->redirectToRoute('home');
}
// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
return $this->render('security/login.html.twig', ['last_username' => null, 'error' => $error]);
}
public function logout()
{
throw new \Exception('Don\'t forget to activate logout in security.yaml');
}
}
?>
谢谢你的帮助 SecurityController中的注销方法实际上不会被命中,因为Symfony将拦截请求。 如果您需要在注销后执行某些操作,可以使用注销成功处理程序
namespace-App\Logout;
使用Symfony\Component\HttpFoundation\Request;
使用Symfony\Component\HttpFoundation\Response;
使用Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface;
类MyLogoutSuccessHandler实现LogoutSuccessHandler接口
{
/**
*{@inheritardoc}
*/
公共函数onLogoutSuccess(请求$Request)
{
//你可以在这里做任何事
返回新响应('logout successfully');//或在此处呈现细枝模板,由您决定
}
}
您可以将注销成功处理程序注册到security.yaml
防火墙:
主要内容:
匿名:懒惰
提供者:应用程序\用户\提供者
警卫:
认证者:
-App\Security\LoginFormAuthenticator
注销:
路径:注销
成功\u处理程序:App\Logout\MyLogoutSuccessHandler#假设您已为服务启用自动配置,或者需要注册处理程序
多亏了Indra Gunawan,这个解决方案才有效。我的目标是重定向到登录页面,并显示一条消息,如“您已成功注销”
在这种情况下,必须调整LogoutSuccessHandler以路由到登录页面:
namespace App\Logout;
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface;
use Symfony\Component\Routing\Generator\UrlGeneratorInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
class MyLogoutSuccessHandler extends AbstractController implements LogoutSuccessHandlerInterface
{
private $urlGenerator;
public function __construct(UrlGeneratorInterface $urlGenerator)
{
$this->urlGenerator = $urlGenerator;
}
public function onLogoutSuccess(Request $request)
{
return new RedirectResponse($this->urlGenerator->generate('login', ['logout' => 'success']));
}
}
需要在routes.yaml中定义路由登录名:
login:
path: /login
controller: App\Controller\SecurityController::login
logout:
path: /logout
methods: GET
在这种情况下,注销时,您将被重定向到一个url,如:/login?logout=success
最后,您可以在twig模板中捕获注销参数,如:
{%- if app.request('logout') -%}
<div class="alert alert-success">{% trans %}Logout successful{% endtrans %}</div>
{%- endif -%}
{%-if-app.request('logout')-%}
{%trans%}注销成功{%endtrans%}
{%-endif-%}
从5.1版开始,LogoutSuccessHandlerInterface已被弃用,建议使用LogoutEvent
Symfony\Component\Security\Http\Logout\LogoutSuccessHandlerInterface不推荐使用
但是官方文档中没有关于注销事件的示例或信息以下是注销事件的文档: 必须创建事件并实现onSymfonyComponentSecurityHttpEventLogoutEvent的方法。
这对我来说很有用对于那些想知道如何通过新的注销定制实现外部重定向的人来说: 如中所述,创建一个新的CustomLogoutListener类并将其添加到services.yml配置中 CustomLogoutListener类应实现onSymfonyComponentSecurityHttpEventLogoutEvent方法,该方法将接收LogoutEvent作为参数,允许您设置响应:
namespace App\EventListener;
use JetBrains\PhpStorm\NoReturn;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Http\Event\LogoutEvent;
class CustomLogoutListener
{
/**
* @param LogoutEvent $logoutEvent
* @return void
*/
#[NoReturn]
public function onSymfonyComponentSecurityHttpEventLogoutEvent(LogoutEvent $logoutEvent): void
{
$logoutEvent->setResponse(new RedirectResponse('https://where-you-want-to-redirect.com', Response::HTTP_MOVED_PERMANENTLY));
}
}
# config/services.yaml
services:
# ...
App\EventListener\CustomLogoutListener:
tags:
- name: 'kernel.event_listener'
event: 'Symfony\Component\Security\Http\Event\LogoutEvent'
dispatcher: security.event_dispatcher.main