个人中心
gpt4 book ai didi

php - 如果用户未在 Symfony 上确认,则拒绝访问

转载 作者:行者123 更新时间:2023-11-29 16:50:04 25 4
gpt4 key购买 nike

我发现很难弄清楚如何拒绝某些数据库中 is_active 设置为 false 的用户访问站点。如何修改当前的 LoginController 以检查数据库中的值并抛出一些 AccessDenied 异常?

下面是LoginController.php

namespace App\Controller\User;

use App\Form\User\LoginType;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\Form\FormError;
use Symfony\Component\Form\FormFactoryInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
use Twig\Environment;

/**
 * @Route("/login", name="login")
 */
final class LoginController extends Controller
{
    public function __invoke(
        Environment $twig,
        FormFactoryInterface $formFactory,
        AuthenticationUtils $authenticationUtils
    ): Response {
        if ($this->get('security.authorization_checker')->isGranted('IS_AUTHENTICATED_FULLY')) {
            return new RedirectResponse('/profile');
        }

        $form = $formFactory->createNamed('', LoginType::class, [
            'email' => $authenticationUtils->getLastUsername(),
        ]);

        if (null !== $error = $authenticationUtils->getLastAuthenticationError(true)) {
            $form->addError(new FormError($error->getMessage(), $error->getMessageKey(), $error->getMessageData()));
        }

        return new Response($twig->render('user/login.html.twig', [
            'form' => $form->createView(),
        ]));
    }
}

我的数据库有一个表“user”:

+----+---------+----------------+-----------+------------+--------------------------+--------------------------+------------+-----------+-----------+-----------+------------+----------------------+-------------------------------------+--------------------------------------------------------------+----------------------+-----------------------+------------------------------------------------------------------+--------------+
| id | type_id | upline_user_id | is_active | trainer_id | upline_token             | upline_user_token        | first_name | last_name | file_name | file_size | updated_at | unread_notifications | credential_email                    | credential_password                                          | password_reset_token | password_requested_at | confirmation_token                                               | confirmed_at |
+----+---------+----------------+-----------+------------+--------------------------+--------------------------+------------+-----------+-----------+-----------+------------+----------------------+-------------------------------------+--------------------------------------------------------------+----------------------+-----------------------+------------------------------------------------------------------+--------------+

最佳答案

关于php - 如果用户未在 Symfony 上确认,则拒绝访问,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/52859029/

25 4 0
文章推荐: mysql - my.ini server-id 变量不会改变
文章推荐: javascript - 如何用 JavaScript 模拟 SQL 连接
文章推荐: php - 使用 php 和 mysql 插入 xml
文章推荐: php - 需要澄清 : Yii2, MySQL 过程和临时表
行者123
个人简介

我是一名优秀的程序员,十分优秀!

滴滴打车优惠券免费领取
滴滴打车优惠券
全站热门文章
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com