rockz/email-auth-bundle

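This package is abandoned and no longer maintained. No replacement package was suggested.

Authenticates users by sending an authorization request to their email address.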

v1.0.0 2018-06-03 13:03 UTC

This package is not auto-updated.

Last update: 2021-08-22 09:09:53 UTC


README

This bundle provides a way to authenticate registered users by email only. A magic link is sent to the user, who can accept or refuse the request.

Note: This bundle is not ready for production use yet!

This bundle supports Symfony 4 only.

Installation

1. Download the bundle

composer require rockz/email-auth-bundle

2. Configuration

Configure a firewall by adding the rockz_email_auth key to it. Supply the user provider to be used in the authentication process.

# /config/packages/security.yaml
security:
  firewalls:
    main:
      rockz_email_auth: ~

Import the bundle-specific routes.

# /config/routes/rockz_email_auth.yaml
_some_routing_key:
  resource: "@RockzEmailAuthBundle/Resources/config/routes.xml"

3. Prepare the template

Insert this minimal form somewhere on your page.

<form action="" method="post">
    <input type="text" name="email_auth">
</form>

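The request must be a POST, and the submitted email_auth parameter contains the user's email address.

4. Update the database

Generate migrations or update the database schema right away.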

# Quick update
bin/console doctrine:schema:update --force # don't do this in production

# or generate migrations
bin/console doctrine:migrations:diff
bin/console doctrine:migrations:migrate 

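5. Configure SwiftMailer

This bundle uses SwiftMailer to send emails to the user, who is supplied by the configured user provider.

Documentation: SwiftMailer configuration

6. CSRF protection (optional)

You can enable CSRF protection for the login form.

Enable csrf_protection under the rockz_email_auth firewall settings.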

# /config/packages/security.yaml
security:
  firewalls:
    main:
      rockz_email_auth:
        csrf_protection: true

Add the following to your login form.

<input type="hidden" name="_csrf_token" value="{{ csrf_token('rockz_email_auth_authenticate') }}">

If you have not required symfony/form yet, you can do so by running

composer require symfony/form

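It contains the csrf_token helper for Twig.

Configuration

Most of the bundle's behaviour is configured in the firewall configuration of the security section.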

# /config/packages/security.yaml
security:
    firewalls:
        main:
            rockz_email_auth:
                
                # Required to remember an authentication between requests
                remember_me:          true
                
                # Service id of handlers
                pre_auth_success_handler: ~
                pre_auth_failure_handler: ~
                success_handler:      ~
                failure_handler:      ~
                
                # input field parameter from the form/request
                email_parameter:      email_auth
                
                # redirect the user to this path/route if the user hits a restricted area
                initial_redirect:     /access
                
                # redirect the user to this path/route after an authorization request is sent
                pre_auth_success_redirect: /waiting
                
                # redirect the user to this path/route after an authorization request was rejected by the system
                pre_auth_failure_redirect: '/#partial_failure'
                
                # redirect the user to this path/route after an authorization request was accepted by the user
                success_redirect:     /
                
                # redirect the user to this path/route after an authorization request was rejected by the system or the user
                failure_redirect:     '/#total_failure'
                
                # bundle's core service for remote authorizations
                remote_authorization:
                    authorize_route:      rockz_email_auth_authorization_authorize
                    refuse_route:         rockz_email_auth_authorization_refuse
                    from_email:           changeme@example.com
                    template_email_authorize_login: '@RockzEmailAuth/emails/authorization/login.html.twig'
                
                # optional csrf protection, requires symfony/form package
                csrf_protection:      false
                csrf_token_id:        rockz_email_auth_authenticate
                csrf_parameter:       _csrf_token

Example setup

TBD.

The following section should explain how to use this bundle.

# /config/packages/security.yaml
security:
    providers:
        in_memory_members:
            memory:
                users:
                    john@example.com:
                        roles: ROLE_USER
                    emely@example.com:
                        roles: ROLE_USER
    firewalls:
        # custom firewall for the email authentication
        premium_firewall:
            # your user provider goes here (can be anything that provides a user)
            provider: in_memory_members
            
            # actual bundle specific configuration
            rockz_email_auth:
                remote_authorization:
                    from_email: "john.fox@example.com"
            
            # support logout
            logout:
                path:   /logout
                target: /
            
            # allow anonymous users to reach any routes
            anonymous: ~
        #...
    access_control:
        - { path: ^/premium, roles: ROLE_USER }
        - { path: ^/account, roles: ROLE_USER }

Import the routes of the authorization controller. Create the file (you can name it whatever you want, by the way).

# /config/routes/rockz_email_auth.yaml
_some_routing_key:
  resource: "@RockzEmailAuthBundle/Resources/config/routes.xml"

# previously configured logout action needs this path  
logout:
    path: /logout