duangou1933
2018-02-16 09:29
浏览 78
已采纳

在symfony 3.4中的FosUser登录中添加Captcha

I have a functionally Login with FosUser.

Now, I am trying to add any captcha to the login generated by FosUser, I am working with Symfony 3.4.4

I've researched some links like:

  1. ReCaptcha with this tutorial, but I don't know how to overwrite the check login to add the validation.

  2. EWZRecaptchaBundle I did not found any sample with FOsUser

  3. BotDetect or CaptchaBundle seems to require a lot of memory to generate the captcha. Then is not my option because my prod environment is a shared hosting

Any help or suggestion are welcome

Greetings

图片转代码服务由CSDN问答提供 功能建议

我在功能上使用FosUser登录。

现在,我正在尝试 要将验证码添加到 FosUser 生成的登录中,我正在使用Symfony 3.4.4

我研究了一些链接 喜欢:

  1. ReCaptcha with 本教程,但我不知道如何覆盖检查登录以添加验证。

  2. EWZRecaptchaBundle 我没有找到任何带有FOsUser的样本

  3. BotDetect或CaptchaBundle 似乎需要大量内存 生成验证码。 然后不是我的选择,因为我的prod环境是共享主机

    欢迎任何帮助或建议

    问候 p>

  • 写回答
  • 关注问题
  • 收藏
  • 邀请回答

1条回答 默认 最新

  • duanjiang7505 2018-02-19 21:47
    已采纳

    Finally I solve my problem using the option 1 from my post and changing the extending to /src/UserBundle/Controller/SecurityController.php and changing the LoginAction

    <?php 
     public function loginAction(Request $request){
        $error = Security::AUTHENTICATION_ERROR;
        $lastUsername = '';
        $isValid=false;
        $hasCaptcha=false;
        if ($_POST) {
            $lastUsername = $_POST['_username'];
            $password_plain = $_POST['_password'];
            $em = $this->getDoctrine()->getManager();
            $userManager = $this->get('fos_user.user_manager');
            $user =$userManager ->findUserByUsernameOrEmail($lastUsername);
    
            if ($this->captchaverify($request->get('g-recaptcha-response'))) {
                $hasCaptcha=true;
            } else {
                $error="Captcha is not Valid";
            }
            if($hasCaptcha){
    
                if($user){
                    $factory = $this->container->get('security.encoder_factory');
                    $encoder = $factory->getEncoder($user);
                    if($encoder->isPasswordValid($user->getPassword(),$password_plain,$user->getSalt())){
                        $token = new UsernamePasswordToken($user, null, 'main', $user->getRoles());
                        $this->get('security.token_storage')->setToken($token);
                        return $this->redirectToRoute('homepage');
                    } else {
                        $error="password is not Valid";
                    }
                }else{
                   $error="user is not Valid";
                }
            }
        }
    
        return $this->renderLogin(array(
            'last_username' => $lastUsername,
            'error'         => $error,
        ));
    }
    
    function captchaverify($recaptcha){
            $url = "https://www.google.com/recaptcha/api/siteverify";
            $ch = curl_init();
            curl_setopt($ch, CURLOPT_URL, $url);
            curl_setopt($ch, CURLOPT_HEADER, 0);
            curl_setopt($ch, CURLOPT_RETURNTRANSFER, TRUE); 
            curl_setopt($ch, CURLOPT_POST, true);
            curl_setopt($ch, CURLOPT_POSTFIELDS, array(
                "secret"=>"xxxxxxxx","response"=>$recaptcha));
            $response = curl_exec($ch);
            curl_close($ch);
            $data = json_decode($response);     
    
        return $data->success;        
    }
    

    1. Also needed to change the security.yml at 'login_path' and 'check_path' with value 'new_login' that is a new route to Login Action

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt|error)|css|images|js)/
            security: false
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                default_target_path: homepage
                csrf_token_generator: security.csrf.token_manager
                login_path: new_login
                check_path: new_login
    
    1. at my view I added:

    <script src='https://www.google.com/recaptcha/api.js?hl=es'></script>
    
    1. inside the form:

    <div class="g-recaptcha" data-sitekey="xxxxxx"></div>
    

    Hope to help any in the same dilemma

    已采纳该答案
    打赏 评论

相关推荐 更多相似问题