php symfony - IS_AUTHENTICATED_ANONYMOUSLY无法正常工作

krcsximq  于 2023-03-16  发布在  PHP
关注(0)|答案(3)|浏览(122)

我从《与森丰尼的旅程》开始。
此时,我试图保护我的身份验证路径(我使用FOSUserBundle),所以我这样做:

access_control:
    - { path: ^/logowanie$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/rejestracja, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/resetowanie-hasla, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/backstage/, role: ROLE_ADMIN }
    - { path: ^/profile/, role: ROLE_USER }

但是,无论我是否登录,我都可以访问这些路线。
我的错在哪里?

# To get started with security, check out the documentation:
# https://symfony.com/doc/current/security.html
security:
    encoders:
        FOS\UserBundle\Model\UserInterface: bcrypt

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    firewalls:
        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                csrf_token_generator: security.csrf.token_manager
                check_path: fos_user_security_check
                login_path: fos_user_security_login
            logout:
                path: fos_user_security_logout
                target: website.home
            logout:       true
            anonymous:    true

    access_control:
        - { path: ^/logowanie$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/rejestracja, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/resetowanie-hasla, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/backstage/, role: ROLE_ADMIN }
        - { path: ^/profile/, role: ROLE_USER }
9ceoxa92

9ceoxa921#

您应该将访问权限限制为已登录用户,现在如果用户已登录,则还具有角色IS_AUTHENTICATED_ANONYMOUSLY,这是角色层次结构。

- { path: ^/logowanie$, role: IS_AUTHENTICATED_ANONYMOUSLY && !IS_AUTHENTICATED_FULLY }
s5a0g9ez

s5a0g9ez2#

您可以使用 PUBLIC_ACCESS 代替 IS_AUTHENTICATED_ANONYMOUSLY

access_control:
      - { path: ^/logowanie$, roles: PUBLIC_ACCESS }

最诚挚的问候)

6kkfgxo0

6kkfgxo03#

对我很有效

access_control:
      - { path: ^/logowanie$, roles: PUBLIC_ACCESS }

相关问题