I'm trying to find out if a user is inside a secure firewall.
我试图找出用户是否在安全防火墙内。
security.yml:
security.yml:
firewalls:
non_secure_area:
pattern: ^/
anonymous: true
secure_area:
pattern: ^/admin
form_login:
#etc.
logout:
#etc.
So I need to know if the user is inside the 'secure_area' secure part of the site.
所以我需要知道用户是否在网站的'secure_area'安全部分内。
I have used this, but of course it only tells me if somebody is 'logged in' AND on a HTTPS page. There must be a better way:
我已经使用了这个,但当然它只告诉我是否有人在HTTPS页面上“登录”。一定会有更好的办法:
if( $request->isSecure() && $securityContext->isGranted('IS_AUTHENTICATED_REMEMBERED') ) {
}
2 个解决方案
#1
10
You can get security token and access provider key on it.
您可以在其上获取安全令牌和访问提供程序密钥。
$token = $securityContext->getToken();
$providerKey = $token->getProviderKey(); // secured_area
Dont forget to check that token exist and its not an instance of AnonymousToken
别忘了检查该令牌是否存在而且它不是AnonymousToken的实例
#2
0
If you are into something that is ContainerAware, you may get the Request, and then the URI [see docs]:
如果您使用的是ContainerAware,您可以获取Request,然后获取URI [请参阅docs]:
$request = $this->container->get('request');
$uri = $request->getUri();
Then you can check such string against /admin as you wish.
然后你可以根据需要检查/ admin这样的字符串。
#1
10
You can get security token and access provider key on it.
您可以在其上获取安全令牌和访问提供程序密钥。
$token = $securityContext->getToken();
$providerKey = $token->getProviderKey(); // secured_area
Dont forget to check that token exist and its not an instance of AnonymousToken
别忘了检查该令牌是否存在而且它不是AnonymousToken的实例
#2
0
If you are into something that is ContainerAware, you may get the Request, and then the URI [see docs]:
如果您使用的是ContainerAware,您可以获取Request,然后获取URI [请参阅docs]:
$request = $this->container->get('request');
$uri = $request->getUri();
Then you can check such string against /admin as you wish.
然后你可以根据需要检查/ admin这样的字符串。