duangou1933
2018-02-16 09:29
浏览 78
已采纳

在symfony 3.4中的FosUser登录中添加Captcha

I have a functionally Login with FosUser.

Now, I am trying to add any captcha to the login generated by FosUser, I am working with Symfony 3.4.4

I've researched some links like:

  1. ReCaptcha with this tutorial, but I don't know how to overwrite the check login to add the validation.

  2. EWZRecaptchaBundle I did not found any sample with FOsUser

  3. BotDetect or CaptchaBundle seems to require a lot of memory to generate the captcha. Then is not my option because my prod environment is a shared hosting

Any help or suggestion are welcome

Greetings

图片转代码服务由CSDN问答提供 功能建议

我在功能上使用FosUser登录。

现在,我正在尝试 要将验证码添加到 FosUser 生成的登录中,我正在使用Symfony 3.4.4

我研究了一些链接 喜欢:

  1. ReCaptcha with 本教程,但我不知道如何覆盖检查登录以添加验证。

  2. EWZRecaptchaBundle 我没有找到任何带有FOsUser的样本

  3. BotDetect或CaptchaBundle 似乎需要大量内存 生成验证码。 然后不是我的选择,因为我的prod环境是共享主机

    欢迎任何帮助或建议

    问候 p>

  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • duanjiang7505 2018-02-19 21:47
    已采纳

    Finally I solve my problem using the option 1 from my post and changing the extending to /src/UserBundle/Controller/SecurityController.php and changing the LoginAction

    <?php 
 public function loginAction(Request $request){
    $error = Security::AUTHENTICATION_ERROR;
    $lastUsername = '';
    $isValid=false;
    $hasCaptcha=false;
    if ($_POST) {
        $lastUsername = $_POST['_username'];
        $password_plain = $_POST['_password'];
        $em = $this->getDoctrine()->getManager();
        $userManager = $this->get('fos_user.user_manager');
        $user =$userManager ->findUserByUsernameOrEmail($lastUsername);

        if ($this->captchaverify($request->get('g-recaptcha-response'))) {
            $hasCaptcha=true;
        } else {
            $error="Captcha is not Valid";
        }
        if($hasCaptcha){

            if($user){
                $factory = $this->container->get('security.encoder_factory');
                $encoder = $factory->getEncoder($user);
                if($encoder->isPasswordValid($user->getPassword(),$password_plain,$user->getSalt())){
                    $token = new UsernamePasswordToken($user, null, 'main', $user->getRoles());
                    $this->get('security.token_storage')->setToken($token);
                    return $this->redirectToRoute('homepage');
                } else {
                    $error="password is not Valid";
                }
            }else{
               $error="user is not Valid";
            }
        }
    }

    return $this->renderLogin(array(
        'last_username' => $lastUsername,
        'error'         => $error,
    ));
}

function captchaverify($recaptcha){
        $url = "https://www.google.com/recaptcha/api/siteverify";
        $ch = curl_init();
        curl_setopt($ch, CURLOPT_URL, $url);
        curl_setopt($ch, CURLOPT_HEADER, 0);
        curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); 
        curl_setopt($ch, CURLOPT_POST, true);
        curl_setopt($ch, CURLOPT_POSTFIELDS, array(
            "secret"=>"xxxxxxxx","response"=>$recaptcha));
        $response = curl_exec($ch);
        curl_close($ch);
        $data = json_decode($response);     

    return $data->success;        
}
    1. Also needed to change the security.yml at 'login_path' and 'check_path' with value 'new_login' that is a new route to Login Action
    firewalls:
    dev:
        pattern: ^/(_(profiler|wdt|error)|css|images|js)/
        security: false
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            default_target_path: homepage
            csrf_token_generator: security.csrf.token_manager
            login_path: new_login
            check_path: new_login
    1. at my view I added:
    <script src='https://www.google.com/recaptcha/api.js?hl=es'></script>
    1. inside the form:
    <div class="g-recaptcha" data-sitekey="xxxxxx"></div>

    Hope to help any in the same dilemma

    已采纳该答案
    打赏 评论

报告相同问题?

提交

相关推荐 更多相似问题