I am implementing recaptcha with fosuserbundle.
Is it possible to stop user registration or password reset with an error message through event listeners?
Or should I just override the controllers?
I would prefer to avoid using a third bundle to integrate recaptcha
Thanks a lot for your time.
The registration_success occure just after sucessful submitting and perform the result in database so, just before performing you can send a httresponse (inside the response event) that provide redirection (or otherelse)
Related
I hope you can help me with this problem.
I want to put the user email in the logger file when the user logs out every time.
How can I do that? How can I pass the user information to the logout function?
thanks in advance
Check Symfony's way of logout customization to get information about how to implement such behavior (starting from Symfony 5.1).
The process uses a Symfony event listener. Check the official documentation for events and event listeners for more information about how to implement this.
I am using Symfony login system which is symfony will take care of the entire login process for me as long as I got the configuration (firewall) correctly.
How can I perform some custom validation before it performs the authentication process? For example, check the length of username, validate captcha code and etc. If one of the requirement does not meet, I need to stop further action (authentication) and return error message.
I know there is some authentication handlers like authentication success handler or authentication failure handler which allow you to do some action upon authentication successful or failure. Is there any handler like this that allow me put my custom code before performing authentication action?
You can create a custom authenticator, this is all you need:
http://symfony.com/doc/current/cookbook/security/custom_password_authenticator.html#the-password-authenticator
I am using HWIOAuthBundle with FOSUserBundle with success.
When I go to the /login page it redirects me to the Google Accounts, authorizes and returns back to the register form with filled data (except password fields).
Is it possible to auto register user with ommiting register form ?
In this case we do not need password because of authentication with Google Account.
How should I achieve this scenario ?
A question is a bit old, but better later than never.
You just need to create a custom provider - if you want to integrate the bundle with FOSUserBundle you need to override the FOSUBUserProvider class.
In HWIOAuthBundle/Security/Core/User directory you may find all providers that are available in the OAuthBundle out of the box.
To create new user while connecting you just need to override loadUserByOAuthUserResponse() method of the FOSUBUserProvider (or EntityUserProvider, etc.) provider class. As you may see, default method throws an exception if the user is not found in database, you just need it to call userManager and create new entry.
This is exactly the same situation as with FOSFacebookBundle intergration (if you did so).
Hopes this answer helps you (especially it may sound a bit chaotic).
Edit:
I've posted a blog post explaining the integration process.
Try this gist
or this tutorial
There's a good walk-through on how to integrate HWIOAuthBundle and FOSUserBundle to achieve the automatic user registration and update here, which might be worth a read:
https://gist.github.com/danvbe/4476697
Yes of course.
You should handle a response from google and authorize user manualy something like:
// authorize
$token = new OAuthToken(null, $user->getRoles());
$token->setUser($user);
$token->setAuthenticated(true);
// update session
$session = $this->getContainer()->get('session');
$session->set('_security_secured_area', serialize($token));
$session->save();
after user was authorized redirect to the call page by user
I have a login form in Symfony2.1, which is posted to my route, which has no controller attached, as Symfony takes care of the login internally.
Now how would I add a field to this form, call a SetXxxx() method on an entity, and persist it? I have no way of intercepting the POST value of my login form.
You can do this by implementing a custom Authentication Provider and creating your own authentication Token which persists one of it's members.
You can save yourself a lot of trouble creating an AuthenticationSuccessHandler ( see http://blog.alterphp.com/2011/10/set-up-authenticationsuccesshandler.html ), and injecting the entity manager or whatever service you have that takes care of updating your entity and persist it.
That blog implements directly the interface AuthenticationSuccessHandlerInterface, but you can do it as well extending Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler and making your additions in onAuthenticationSuccess
Is there an event that gets fired right after ASP.NET authentication has failed to identify the user? I need to trigger an alarm every time that happens. Don't offer to implement custom membership provider nor to do it from the Login form's controller. I'm looking for native ASP.NET pipeline event. HttpApplication has two events: one for before Authentication and one after, but nothing for failure.
As far as I remeber, yes:
Have a close look at the logging capabilites of the HealthMonitoring section. It is not only possible to log errors, but also events such as successfull logins or failed login.
Have a look at http://www.asp.net/hosting/tutorials/logging-error-details-with-asp-net-health-monitoring-cs
I guess eventName="Failure Audits" is the way to go