我通过新的 simple_form 功能实现了自定义身份验证器
main:
pattern: ^/
simple_form:
authenticator: custom_authenticator
provider: fos_userbundle
csrf_provider: form.csrf_provider
remember_me:
key: "%secret%"
lifetime: 31536000 # 365 jours
path: /
domain: ~
name: my_remember_cookie
我的身份验证器中的authenticateToken()方法如下所示:
try {
$user = $userProvider->loadUserByUsername($token->getUsername());
} catch (UsernameNotFoundException $e) {
throw new AuthenticationException('Unknown user');
}
if ($user->isLocked() === true) {
throw new AuthenticationException('User locked');
}
if (/* Logic checks */) {
return new UsernamePasswordToken(
$user, null, $providerKey, $user->getRoles()
);
}
我想知道,从这一点来看,是否有一种方法可以以编程方式设置“记住我”cookie(在我的情况下,我想根据用户的角色设置它)?
编辑:感谢sebbo,我解决了这个问题,重点是在将$request对象传递给rememberMe服务之前手动设置remember_me参数。
我的最终代码:
/**
* onAuthenticationSuccess
*
* @param Request $request
* @param TokenInterface $token
* @return Response
*/
public function onAuthenticationSuccess(Request $request, TokenInterface $token) {
$url = $this->container->get("session")->get('_security.main.target_path') ? $this->container->get("session")->get('_security.main.target_path') : $this->container->get("router")->generate('home');
$response = $request->isXmlHttpRequest() ?
new JsonResponse(array(
"success" => true,
"url" => $url
)) : new RedirectResponse($url);
// Relevant part
$rememberMeService = $this->container->get("EDE.security.service.remember_me");
$request->attributes->set($rememberMeService->getRememberMeParameter(), 'true'/*set to other than 'yes'|'true'|'on'|'1' to force to don't set cookie*/);
$rememberMeService->loginSuccess($request, $response, $token);
return $response;
}
服务别名:
<service id="EDE.security.service.remember_me" alias="security.authentication.rememberme.services.simplehash.main"></service>
手动请求参数分配看起来有点脏,但它确实有效。