如何在Symfony AdvancedUserInterface中使用凭证过期属性?[英] How to use the credentials expired property in Symfony AdvancedUserInterface?

本文是小编为大家收集整理的关于如何在Symfony AdvancedUserInterface中使用凭证过期属性?的处理/解决方法,可以参考本文帮助大家快速定位并解决问题,中文翻译不准确的可切换到English标签页查看源文。

问题描述

在Symfony 2.4项目中,我们的客户希望强迫用户每天更改密码.我们看到数据库中的列" recertentials_expired"和" recortentials_expire_at"以及在UserChecker类中抛出AccountExpiredException的检查似乎是为此目的,但是我找不到有关如何启用或配置此的任何文档功能.

  • 如何在每个密码更改中使用recretentials_expire_at列填充日期n?
  • 如果密码过期,用户仍然可以更改密码?
  • 如何提前几天警告用户有关Passoword的到期?
  • 是否可以禁止重复使用最后一个密码?

推荐答案

实际上,这是您要捕获的CredentialsExpiredException.如果您使用的是 symfony securgony安全组件,然后处理此操作的最简单方法是检查SecurityController的loginAction中的异常:

use Symfony\Component\Security\Core\Exception\CredentialsExpiredException;
use Symfony\Component\Security\Core\SecurityContextInterface;

...

$error = $this->get('session')->get(SecurityContextInterface::AUTHENTICATION_ERROR);

// check if credentials have expired
if ($error instanceof CredentialsExpiredException) {
    // display the change password form
    return new Response($this->renderView('AcmeDemoBundle:Security:changePassword.html.twig'));
}

显然您需要创建一个更改密码的路由,您可以将其设置为changePassword模板的表单操作.然后可以在您的SecurityController中相应地处理密码更改请求.

您的业务逻辑的核心可以/应该存在于UserManager(或您想称呼的任何东西)中的服务类中,您可以根据需要从SecurityController中进行实例化和调用.

希望会有所帮助.

注意:对于后代,已过期的用户对象存储在CredentialsExpiredException异常中,因此,如果您需要采取行动以处理过期的密码,则可以轻松检索它:

$error->getUser();

本文地址:https://www.itbaoku.cn/post/2090774.html

问题描述

In a Symfony 2.4 project our client wants to force the users to change their password every N days. We saw that there are columns "credentials_expired" and "credentials_expire_at" in the database and a check that throws an AccountExpiredException in the UserChecker class that seem to be for that purpose, but I can't find any documentation on how to enable or configure this feature.

  • How can the credentials_expire_at column be filled with a date N days after now on every password change?
  • How can a user still change the password, if the password is expired?
  • How to warn the user about the passoword expiration some days in advance?
  • Is it possible to forbid the reuse of the last password?

推荐答案

Actually, it's the CredentialsExpiredException you want to catch. If you're using the Symfony Security component, then the simplest way to handle this is to check for the exception in the loginAction of your SecurityController:

use Symfony\Component\Security\Core\Exception\CredentialsExpiredException;
use Symfony\Component\Security\Core\SecurityContextInterface;

...

$error = $this->get('session')->get(SecurityContextInterface::AUTHENTICATION_ERROR);

// check if credentials have expired
if ($error instanceof CredentialsExpiredException) {
    // display the change password form
    return new Response($this->renderView('AcmeDemoBundle:Security:changePassword.html.twig'));
}

You'll obviously need to create a route for changing passwords, which you can set as the form action of your changePassword template. Password change requests can then be handled accordingly in your SecurityController.

The core of your business logic can/should exist within a UserManager (or whatever you wish to call it) service class, which you can instantiate and invoke as needed from your SecurityController.

Hope that helps.

NOTE: For posterity, the expired user object is stored within the CredentialsExpiredException exception, so you can easily retrieve it if you need to act upon it for handling expired passwords:

$error->getUser();