drlnwji79147769 2017-06-29 13:25
浏览 121
已采纳

Silex2:覆盖`DaoAuthenticationProvider`类的`checkAuthentication`方法

Using Silex 2, I am stuck for hours to find a way to overwrite checkAuthentication method of the DaoAuthenticationProvider class?

About the context: I defined an authentication listener and provider using a custom UserToken.

$app['security.authentication_listener.factory.sds'] = $app->protect(function ($name, $options) use ($app) {
    // define the authentication provider object
    $app['security.authentication_provider.'.$name.'.sds'] = function () use ($app) {
        return new CustomAuthenticationProvider($app['user.provider'], $app['security.encoder_factory']);
    };

    // define the authentication listener object
    $app['security.authentication_listener.'.$name.'.sds'] = function () use ($app) {
        return new CustomAuthenticationListener($app['security.token_storage'], $app['security.authentication_manager']);
    };

    return array(
        // the authentication provider id
        'security.authentication_provider.'.$name.'.sds',
        // the authentication listener id
        'security.authentication_listener.'.$name.'.sds',
        // the entry point id
        null,
        // the position of the listener in the stack
        'pre_auth'
    );
});

But I need to customize the checkAuthentication of DaoAuthenticationProvider called automatically when the custom authentication provider reture a successfully authenticated token.

protected function checkAuthentication(UserInterface $user, UsernamePasswordToken $token)
{
    $currentUser = $token->getUser();
    if ($currentUser instanceof UserInterface) {
        if ($currentUser->getPassword() !== $user->getPassword()) {
            throw new BadCredentialsException('The credentials were changed from another session.');
        }
    } else {
        if ('' === ($presentedPassword = $token->getCredentials())) {
            throw new BadCredentialsException('The presented password cannot be empty.');
        }

        if (!$this->encoderFactory->getEncoder($user)->isPasswordValid($user->getPassword(), $presentedPassword, $user->getSalt())) {
            throw new BadCredentialsException('The presented password is invalid.');
        }
    }
}

Solution

Define like this in app.php :

$app['security.authentication_provider.dao._proto'] = $app->protect(function ($name) use($app) {
    return new \Trilogis\Classes\CustomUserAuthenticationProvider(
        $app['security.user_provider.' . $name],
        $app['security.user_checker'],
        $name,
        $app['security.encoder_factory']
    );
});
  • 写回答

1条回答 默认 最新

  • douxi2011 2017-06-29 13:47
    关注

    You can make custom authentication provider, you can extend it from DaoAuthenticationProvider. And redefine authentication provider definition in application:

    ...

$app['security.authentication_provider.sds.dao'] = function() {
    return new MyAuthenticationProvider(
        $app['security.user_provider.sds'],
        $app['security.user_checker'],
        'sds',
        $app['security.encoder_factory'],
        $app['security.hide_user_not_found']
    );
};

$app['security.authentication_listener.sds.form'] = function() {
    return new CustomAuthenticationListener($app['security.token_storage'], $app['security.authentication_manager']);
};

...

$app->run();
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 phython读取excel表格报错 ^7个 SyntaxError: invalid syntax 语句报错
  • ¥20 @microsoft/fetch-event-source 流式响应问题
  • ¥15 ogg dd trandata 报错
  • ¥15 高缺失率数据如何选择填充方式
  • ¥50 potsgresql15备份问题
  • ¥15 Mac系统vs code使用phpstudy如何配置debug来调试php
  • ¥15 目前主流的音乐软件,像网易云音乐,QQ音乐他们的前端和后台部分是用的什么技术实现的?求解!
  • ¥60 pb数据库修改与连接
  • ¥15 spss统计中二分类变量和有序变量的相关性分析可以用kendall相关分析吗?
  • ¥15 拟通过pc下指令到安卓系统,如果追求响应速度,尽可能无延迟,是不是用安卓模拟器会优于实体的安卓手机?如果是,可以快多少毫秒?