1. 首頁
  2. 問答
  3. Silex2:覆蓋`DaoAuthenticationProvider`類的`checkAuthentication`方法

Silex2:覆蓋`DaoAuthenticationProvider`類的`checkAuthentication`方法

2017-06-29 108 views
1

使用Silex 2,我堅持了幾個小時才找到一種方法來覆蓋DaoAuthenticationProvider類的checkAuthentication方法?Silex2:覆蓋`DaoAuthenticationProvider`類的`checkAuthentication`方法

關於上下文:我使用自定義UserToken定義了身份驗證偵聽器和提供程序。

$app['security.authentication_listener.factory.sds'] = $app->protect(function ($name, $options) use ($app) { 
    // define the authentication provider object 
    $app['security.authentication_provider.'.$name.'.sds'] = function() use ($app) { 
     return new CustomAuthenticationProvider($app['user.provider'], $app['security.encoder_factory']); 
    }; 

    // define the authentication listener object 
    $app['security.authentication_listener.'.$name.'.sds'] = function() use ($app) { 
     return new CustomAuthenticationListener($app['security.token_storage'], $app['security.authentication_manager']); 
    }; 

    return array(
     // the authentication provider id 
     'security.authentication_provider.'.$name.'.sds', 
     // the authentication listener id 
     'security.authentication_listener.'.$name.'.sds', 
     // the entry point id 
     null, 
     // the position of the listener in the stack 
     'pre_auth' 
    ); 
});

但我需要自定義的DaoAuthenticationProvidercheckAuthentication當自定義身份驗證提供利潤歸還成功進行身份驗證令牌自動調用。

protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token) 
{ 
    $currentUser = $token->getUser(); 
    if ($currentUser instanceof UserInterface) { 
     if ($currentUser->getPassword() !== $user->getPassword()) { 
      throw new BadCredentialsException('The credentials were changed from another session.'); 
     } 
    } else { 
     if ('' === ($presentedPassword = $token->getCredentials())) { 
      throw new BadCredentialsException('The presented password cannot be empty.'); 
     } 

     if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) { 
      throw new BadCredentialsException('The presented password is invalid.'); 
     } 
    } 
}

解決方案

這樣定義在app.php:

$app['security.authentication_provider.dao._proto'] = $app->protect(function ($name) use($app) { 
    return new \Trilogis\Classes\CustomUserAuthenticationProvider(
     $app['security.user_provider.' . $name], 
     $app['security.user_checker'], 
     $name, 
     $app['security.encoder_factory'] 
    ); 
});

來源

2017-06-29 sdespont

回答

2

您可以自定義的身份驗證提供者,你可以從DaoAuthenticationProvider的時候擴展它。並在應用程序中重新定義身份驗證提供程序定義:

... 

$app['security.authentication_provider.sds.dao'] = function() { 
    return new MyAuthenticationProvider(
     $app['security.user_provider.sds'], 
     $app['security.user_checker'], 
     'sds', 
     $app['security.encoder_factory'], 
     $app['security.hide_user_not_found'] 
    ); 
}; 

$app['security.authentication_listener.sds.form'] = function() { 
    return new CustomAuthenticationListener($app['security.token_storage'], $app['security.authentication_manager']); 
}; 

... 

$app->run();

來源

2017-06-29 13:47:20

+0

感謝您的幫助。在你的例子中,MyAuthenticationProvider是一個擴展UserAuthenticationProvider的類嗎?這段代碼必須是$ app ['security.authentication_listener.factory.sds']配置文件的一部分,還是之前/之後聲明的? – sdespont

+0

1 - 在我的例子中 - 是的,2 - 我認爲沒有必要重新定義'security.authentication_listener.factory'。只是重新定義了聽衆。我改變了答案。 –

+0

謝謝,你給我提示我需要弄明白這一點。乾淨的解決方案在我問的問題的最後。 – sdespont

相關問題

 相關問題