1
使用Silex 2,我堅持了幾個小時才找到一種方法來覆蓋DaoAuthenticationProvider
類的checkAuthentication
方法?Silex2:覆蓋`DaoAuthenticationProvider`類的`checkAuthentication`方法
關於上下文:我使用自定義UserToken
定義了身份驗證偵聽器和提供程序。
$app['security.authentication_listener.factory.sds'] = $app->protect(function ($name, $options) use ($app) {
// define the authentication provider object
$app['security.authentication_provider.'.$name.'.sds'] = function() use ($app) {
return new CustomAuthenticationProvider($app['user.provider'], $app['security.encoder_factory']);
};
// define the authentication listener object
$app['security.authentication_listener.'.$name.'.sds'] = function() use ($app) {
return new CustomAuthenticationListener($app['security.token_storage'], $app['security.authentication_manager']);
};
return array(
// the authentication provider id
'security.authentication_provider.'.$name.'.sds',
// the authentication listener id
'security.authentication_listener.'.$name.'.sds',
// the entry point id
null,
// the position of the listener in the stack
'pre_auth'
);
});
但我需要自定義的DaoAuthenticationProvider
的checkAuthentication
當自定義身份驗證提供利潤歸還成功進行身份驗證令牌自動調用。
protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
{
$currentUser = $token->getUser();
if ($currentUser instanceof UserInterface) {
if ($currentUser->getPassword() !== $user->getPassword()) {
throw new BadCredentialsException('The credentials were changed from another session.');
}
} else {
if ('' === ($presentedPassword = $token->getCredentials())) {
throw new BadCredentialsException('The presented password cannot be empty.');
}
if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
throw new BadCredentialsException('The presented password is invalid.');
}
}
}
解決方案
這樣定義在app.php:
$app['security.authentication_provider.dao._proto'] = $app->protect(function ($name) use($app) {
return new \Trilogis\Classes\CustomUserAuthenticationProvider(
$app['security.user_provider.' . $name],
$app['security.user_checker'],
$name,
$app['security.encoder_factory']
);
});
感謝您的幫助。在你的例子中,MyAuthenticationProvider是一個擴展UserAuthenticationProvider的類嗎?這段代碼必須是$ app ['security.authentication_listener.factory.sds']配置文件的一部分,還是之前/之後聲明的? – sdespont
1 - 在我的例子中 - 是的,2 - 我認爲沒有必要重新定義'security.authentication_listener.factory'。只是重新定義了聽衆。我改變了答案。 –
謝謝,你給我提示我需要弄明白這一點。乾淨的解決方案在我問的問題的最後。 – sdespont