douguangxiang0363 2014-02-19 22:04
浏览 46
已采纳

将所有路由重定向到一个URL,直到满足条件

I have a user entity, which has a boolean "hasTmpPassword". This boolean is set to true until the user changes its password.

After login with the temp password, I redirect to my changePassword page (with DefaultAuthenticationSuccessHandler )

How can I prevent a login user (with temp password), to access other pages of the website, and always redirect him toward the changePassword page?

Thanks!

  • 写回答

2条回答 默认 最新

  • dshakcsq64956 2014-02-19 22:32
    关注
    1. after login that user you should set flag in his session (ie. changePasswordNeeded).

      $request->getSession()->set('changePasswordNeeded', true);

    2. Add listener, which will be fired onKernelRequest

      kernel.listener.your_listener_name: class: YourLitenerClass tags: - { name: kernel.event_listener, event: kernel.controller, method: onKernelRequest }

    3. Redirect to form each request except change_temp_password request (for selected users)

      public function onKernelRequest(FilterControllerEvent $event) {

        $request = $event->getRequest();
      
        if ($request->getSession()->has('changePasswordNeeded')) {
          $expectedRoute = 'change_temp_password';
          if ($expectedRoute === $event->getRequest()->get('_route')) {
            return;
          }
      
          $url = $this->router->generate($expectedRoute);
          $response = new RedirectResponse($url);
          $event->setResponse($response); 
        }        
      }
      
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥15 【提问】基于Invest的水源涵养
  • ¥20 微信网友居然可以通过vx号找到我绑的手机号
  • ¥15 spring后端vue前端
  • ¥15 寻一个支付宝扫码远程授权登录的软件助手app
  • ¥15 解riccati方程组
  • ¥15 display:none;样式在嵌套结构中的已设置了display样式的元素上不起作用?
  • ¥15 使用rabbitMQ 消息队列作为url源进行多线程爬取时,总有几个url没有处理的问题。
  • ¥15 Ubuntu在安装序列比对软件STAR时出现报错如何解决
  • ¥50 树莓派安卓APK系统签名
  • ¥65 汇编语言除法溢出问题