最近,我对使用PdoSessionHandler在数据库中存储会话进行了一些代码更改。我使用的是Guard身份验证。checkCredentials工作得很好,插入到“会话”表中也很好。但是会话中的身份验证令牌在/login_check重定向后丢失。
身份验证令牌以序列化格式存储在会话中的"_security_secured_area“下,会话也保存在数据库中,但从/login_check重定向到/login_redirect会话后,可以使用相同的id,但缺少身份验证令牌详细信息。可能无法从数据库中填充身份验证详细信息。
下面是我的包/security.yaml
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
secured_area:
pattern: ^/
anonymous: ~
guard:
authenticators:
- App\Security\LoginFormAuthenticator
logout:
path: _logout
target: _public_signin
logout_on_user_change: true
remember_me:
secret: '%kernel.secret%'
lifetime: 2592000 # 30 days in seconds
path: /
domain: ~
remember_me_parameter: _stay_signedin
# by default, the feature is enabled by checking a
# checkbox in the login form (see below), uncomment the
# following line to always enable it.
#always_remember_me: true
token_provider: token_service
这是我的gurardAuthenticator:
/**
* Override to change what happens after successful authentication.
*
* @param Request $request
* @param TokenInterface $token
* @param string $providerKey
*
* @return RedirectResponse
*/
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
{
/** @var User $user */
$user = $token->getUser();
if ($user->getNewUser() === true) {
$url = '_onboard';
} elseif ($user->getResetPass() === true) {
$url = '_change_temp_password';
} else {
$url = '_login_redirect';
}
//$request->getSession()->save();
// MAS: TODO Add Audit probably in listener
return new RedirectResponse($this->urlGenerator->generate($url));
}
在AuthenticationSuccess之后,它会自动重定向到SecurityController.php中的loginReditrectAction(),但是这里的PostAuthenticationGuardToken丢失了,AuthenticationEvent返回了AnonymousToken。当我在SecurityContrller.php的loginRedirectAction()中打印会话时,我发现会话数据中缺少"_security_secured_area“。
#session: Session {#149 ▼
#storage: NativeSessionStorage {#148 ▶}
-flashName: "flashes"
-attributeName: "attributes"
-data: &2 array:2 [▼
"_sf2_attributes" => &1 array:4 [▼
"_csrf/https-kinetxx" => "rvR8Rr2UcDM_-y16ehk_jgYvMREJ8mTNouYCT16RtfY"
"_security.last_username" => "ktx_provider"
"userTimeZone" => "America/Chicago"
"practiceTimeZone" => "America/New_York"
]
"_symfony_flashes" => &3 []
]
我的SecurityController.php
/**
* @Route("/login_redirect", name="_login_redirect")
*
* @param Request $request
*
* @return RedirectResponse
*/
public function loginRedirectAction(Request $request)
{
dump($request);
dump($this->get('security.authorization_checker'));
die;
}
有人能帮我解决这个问题吗?
发布于 2019-06-13 07:32:51
我遇到了这个问题,解决方案是将我的提供者实体从
implements UserInterface, \Serializable
至
implements AdvancedUserInterface, \Serializable, EquatableInterface
并添加了需要的方法:isEqualTo(UserInterface $user)
、isAccountNonExpired()
、isAccountNonLocked()
、isCredentialsNonExpired()
、isEnabled()
https://stackoverflow.com/questions/48741423
复制相似问题