grimzy/security-json-service-provider

Service provider for JSON authentication

v1.0.0 2017-02-21 06:18 UTC

This package is auto-updated.

Last update: 2024-08-29 04:37:34 UTC


README


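This security factory provides a cookie-less replacement for form_login where form_login cannot be used.

Because they rely on cookies, the switch_user and logout configuration options are not supported by this security factory.

Security advice: although it is not mandatory, using HTTPS is strongly recommended.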

Installation

Using the command line

composer require grimzy/security-json-service-provider:^1.0

Or add to composer.json

"grimzy/security-json-service-provider": "^1.0"

Usage

Configure the firewall

$app['security.firewalls'] = [
  'login' => [
    'pattern' => '^/api/login',
    'anonymous' => true,
    'stateless' => true,
    'json' => [
      // Default configuration
      'username_parameter' => 'username',
      'password_parameter' => 'password',
      'post_only' => true,
      'json_only' => true
    ]
  ],

  'secured' => [
    'pattern' => '^.*$',
    'stateless' => true,
    'token' => true	
  ],
];

Add a user provider

use Symfony\Component\Security\Core\User\InMemoryUserProvider;

$app['users'] = function () use ($app) {
  return new InMemoryUserProvider([
    'admin' => [
      'roles' => ['ROLE_ADMIN'],
      // Encoded form of the password "foo"
      'password' => '5FZ2Z8QIkA7UTZ4BYkoC+GsReLf569mSKDsfods6LYQ8t+a8EW9oaircfMpmaLbPBh4FOBiiFyLfuZmTSUwzZg==',
      'enabled' => true
    ],
  ]);
};

Example configuration

$app['security.firewalls'] = [
  'login' => [
    'pattern' => '^/api/login',
    'anonymous' => true,
    'stateless' => true,
    'json' => [
      // Default configuration
      'username_parameter' => 'username',
      'password_parameter' => 'password',
      'post_only' => true,
      'json_only' => true
    ]
  ],

  'secured' => [
    'pattern' => '^.*$',
    'stateless' => true,
    'token' => true
  ],
];

Register the service providers

$app->register(new Silex\Provider\SecurityServiceProvider());
$app->register(new Silex\Provider\SecurityJsonServiceProvider());

Define the route (only accessible after successful authentication)

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\JsonResponse;

$app->post('/api/login', function(Request $request) use ($app) {
  $user = $app['user']; // Logged in user

  // 'some.token_encoder' is a placeholder for your own token encoder service
  $token = $app['some.token_encoder']->encode($user);

  return new JsonResponse([
    'token' => $token
  ]);
});

Note: if post_only is false, you can use $app->get() instead of $app->post() when defining the route.
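
The route above leaves the token encoder open ('some.token_encoder' is only a placeholder). The following is an added example, not code from this package: a hypothetical HmacTokenEncoder that issues an expiring, HMAC-SHA256-signed token and rejects malformed, forged or expired ones. The class name, the token layout and the sub/roles/exp claim names are assumptions; in the route you would pass $user->getUsername() and the user's roles.

```php
<?php
// Added example: hypothetical stand-in for $app['some.token_encoder'].
final class HmacTokenEncoder
{
    private $secret, $ttl;

    public function __construct(string $secret, int $ttl = 3600)
    {
        if (strlen($secret) < 32) {
            throw new InvalidArgumentException('Secret must be at least 32 bytes.');
        }
        $this->secret = $secret;
        $this->ttl = $ttl;
    }

    // Returns "<base64url(payload)>.<base64url(HMAC-SHA256 of payload)>".
    public function encode(string $username, array $roles, ?int $now = null): string
    {
        $payload = json_encode(['sub' => $username, 'roles' => $roles, 'exp' => ($now ?? time()) + $this->ttl]);
        return self::b64($payload) . '.' . self::b64(hash_hmac('sha256', $payload, $this->secret, true));
    }

    // Returns the claims, or null when the token is malformed, forged or expired.
    public function decode(string $token, ?int $now = null): ?array
    {
        $parts = explode('.', $token);
        if (count($parts) !== 2) {
            return null;
        }
        $payload = base64_decode(strtr($parts[0], '-_', '+/'), true);
        $mac = base64_decode(strtr($parts[1], '-_', '+/'), true);
        if ($payload === false || $mac === false) {
            return null;
        }
        // Verify the MAC in constant time before parsing the payload.
        if (!hash_equals(hash_hmac('sha256', $payload, $this->secret, true), $mac)) {
            return null;
        }
        $claims = json_decode($payload, true);
        $expired = !is_array($claims) || !isset($claims['exp']) || $claims['exp'] < ($now ?? time());
        return $expired ? null : $claims;
    }
    private static function b64(string $raw): string
    {
        return rtrim(strtr(base64_encode($raw), '+/', '-_'), '=');
    }
}
$enc = new HmacTokenEncoder(random_bytes(32)); // constructed demo key
$token = $enc->encode('admin', ['ROLE_ADMIN']);
var_dump($enc->decode($token), $enc->decode($token . 'x')); // valid token, then a tampered one
```

The random_bytes(32) key is for the demo only. A deployed service loads a persistent secret from configuration, otherwise tokens issued by one request cannot be verified by the next.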

Override the entry point

Create a new class that implements Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface

use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Http\EntryPoint\AuthenticationEntryPointInterface;

class GandalfAuthenticationEntryPoint implements AuthenticationEntryPointInterface
{
    /**
     * {@inheritdoc}
     */
    public function start(Request $request, AuthenticationException $authException = null)
    {
        return new Response('You shall not pass!', Response::HTTP_UNAUTHORIZED);
    }
}

Replace the bundled JsonAuthenticationEntrypoint with the class you created

$app->register(new Silex\Provider\SecurityJsonServiceProvider());

// after registering the provider
$app['security.entry_point.json'] = function () use ($app) {
    return new GandalfAuthenticationEntryPoint();
};