网站需要登陆后,一段时间后需要再次登陆,来保证安全。思路就是,监听登陆成功,然后保存此时时间,存入session,然后在监听响应,一旦时间超过,规定时间,直接跳转退出。
1、app/config/security.yml
main:
anonymous: ~
form_login:
login_path: /login #登陆表单页
check_path: /login #登陆校验url
default_target_path: / #登陆后的目标页
success_handler: sc.authorization_handle #登陆成功后
2、在对应的Scbundle/Resources/config/services.yml注册服务
sc.authorization_handle:
class:ScBundle\Service\AuthorizationHandle
calls:
- [ setContainer, ["@service_container"] ]
3、在ScBundle/Service/AuthorizationHandle.php编写逻辑
<?php
namespace ScBundle\Service;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;
use Symfony\Component\DependencyInjection\ContainerAwareTrait;
class AuthorizationHandle implements AuthenticationSuccessHandlerInterface
{
use ContainerAwareTrait;
/**
* This is called when an interactive authentication attempt succeeds. This
* is called by authentication listeners inheriting from
* AbstractAuthenticationListener.
*
* @param Request $request
* @param TokenInterface $token
*
* @return Response never null
*/
function onAuthenticationSuccess(Request $request, TokenInterface $token){
$user = $token->getUser();
$name = $user->getname(); //暂时没用
$session = $request->getSession();
$session->set('LoginTime',time());
return new RedirectResponse($this->container->get('router')->generate('sc.index'));
}
}
这样登陆后,时间就存入了session之中
4、app/config/services.yml注册服务,监听response与request
kernel.listener.request_listener:
class: AppBundle\EventListener\RequestListener
arguments: ['@service_container']
tags:
- { name: kernel.event_listener, event: kernel.request, method: onKernelRequest}
- { name: kernel.event_listener, event: kernel.response, method: onKernelResponse }
5、在AppBundle\EventListener\RequestListener.php编写逻辑
<?php
namespace AppBundle\EventListener;
use Symfony\Component\HttpKernel\Event\GetResponseEvent;
use Symfony\Component\HttpKernel\Event\FilterResponseEvent;
use Symfony\Component\DependencyInjection\ContainerInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
class RequestListener
{
protected $container;
public function __construct(ContainerInterface $container) // this is @service_container
{
$this->container = $container;
}
public function onKernelRequest(GetResponseEvent $event) //没有什么用,实验所用
{
$kernel = $event->getKernel();
$request = $event->getRequest();
$container = $this->container;
}
public function onKernelResponse(FilterResponseEvent $event)
{
$response = $event->getResponse();
$request = $event->getRequest();
$kernel = $event->getKernel();
$container = $this->container;
$user = $request->getUser();
$session = $request->getSession();
$timeout = 30; //分钟
$LoginTime = $session->get('LoginTime');
if($LoginTime){
$value = time() - $LoginTime;
if($value >= $timeout*60){
$url = $container->get('router')->generate('logout');
$response = new RedirectResponse($url);
$event->setResponse($response);
}
}
}
}
这样就可以,登陆半个小时后,会退出需要重新登陆!!!
对symfony了解还差很多,欢迎提出意见~~~