I am new to Symfony2. I am trying to use FOSUserBundle for user authentication.
Is it possible to use a single FOSUserBundle for the admin as well as the front-end section? If yes, what changes will I need to make at script level?
What I want is:
1. If I access the URL http://localhost/symfony/admin/ then I should be redirected to http://localhost/symfony/admin/login if the admin is not logged in, and after successful login I should be redirected to http://localhost/symfony/admin/
2. If I access the URL http://localhost/symfony/profile/ then I should be redirected to http://localhost/symfony/login if the user is not logged in, and after successful login I should be redirected to http://localhost/symfony/profile/.
By default FOSUserBundle creates the user as administrator. So what change do I need to make to let the bundle create a user role for the front end automatically and an admin role for the admin section?
You need to override the authentication-success listener in your security configuration to have users redirected to different pages after login depending on their roles.
Have a look at this answer and maybe find some inspiration by looking at Symfony's DefaultAuthenticationSuccessHandler.
Further, you will need to override the access-denied handler (see this answer) to have users redirected to different login pages depending on the URL they're trying to access without being authenticated.
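A success handler of the kind the answer above describes, as an added example that is not part of the original answer. The namespace, the class name and the `admin_home` route are assumptions; `fos_user_profile_show` is FOSUserBundle's profile route.

```php
<?php
// Added example. The namespace, class name and the 'admin_home' route are
// assumptions; 'fos_user_profile_show' is FOSUserBundle's profile route.
namespace AppBundle\Security;

use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Authorization\AuthorizationCheckerInterface;
use Symfony\Component\Security\Http\Authentication\AuthenticationSuccessHandlerInterface;

class RoleRedirectSuccessHandler implements AuthenticationSuccessHandlerInterface
{
    private $router;
    private $checker;

    public function __construct(RouterInterface $router, AuthorizationCheckerInterface $checker)
    {
        $this->router = $router;
        $this->checker = $checker;
    }

    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
    {
        // The landing page is derived from the authenticated user's roles
        // (role hierarchy included), never from a request parameter, so the
        // client cannot steer the post-login redirect.
        if ($this->checker->isGranted('ROLE_ADMIN')) {
            return new RedirectResponse($this->router->generate('admin_home'));
        }

        return new RedirectResponse($this->router->generate('fos_user_profile_show'));
    }
}
```

Register the class as a service and reference its id in the firewall's `form_login` `success_handler` option.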
I am trying to customize my frappe app based on a role.
1. A user with the role Website logs in.
2. Check if the user has a company set.
3. If it is not set, then redirect them to a custom page where they can select a company.
4. If the user tries to navigate away to any other URL, then redirect them to Step 2.
I believe it can be done with a middleware. But my question is, where would we invoke the middleware in my custom app?
I tried to add a custom middleware and tried to invoke it in the Frappe app, but I don't think this is the suggested way.
You should be able to add an auth or login hook to do this for you. Check the user data, set the route location in the flags and raise frappe.Redirect.
Refs:
Auth Hooks
Session Hooks
Searches in the Frappe Source Code (keywords: redirect, redirect_location)
I want to block all accounts (including administrator and superadmin) when they try to access wp-admin. And I can create a role with a new capability. If an account has this role/capability, it is accepted for login. Is this possible?
Note: This should not prevent the account from logging into the system. In other words, the cookie and the login session of the person should still be created. Only wp-admin, and the special pages with all the parameters it contains, should not be accessible if the account does not have the custom role.
I'm building a shop system at the moment. Using Symfony+CommerceTools as backend and Twig as frontend.
What I want to achieve:
In store A, called with a.store.com, you should always be redirected to the /login page if you aren't logged in yet. This store can only be used when logged in.
In store B, called with store.com, you can access anything without being logged in.
Right now, anyone can access everything. That's right for store B.
I could add a rule to the security.yaml that redirects to /login if not logged in; that would work for store A.
But I need a solution that has both, depending on a variable in commerceTools.
So if you have logins set up this is quite straight forward using roles in Symfony. If you don't have a login form set up yet check out this Symfony login guide.
To use roles you will have to ensure you have your security system set up which is in this Symfony Security guide - Note this will need to be set up first if you intend to use the Symfony login forms I linked to first.
The bit you need in particular to restrict access to certain sections of your site is Section 4) Denying Access, Roles and other Authorization in the above guide.
Essentially in your User entity class you have roles set to your users. Then, my preferred way of securing certain parts of your site would be by adding role requirements into the controllers for the views you want to secure, for example:
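    // src/Controller/ShopAController.php
    // ...
    public function shopA(): Response
    {
        // Throws an access-denied exception unless the current user has ROLE_USER.
        $this->denyAccessUnlessGranted('ROLE_USER');

        // ... build and return the Response for this view
    }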
You will notice when setting up the security system, that there are settings to give any registered users the role of ROLE_USER, so you can use this to secure parts of your site to only registered users, or you could create a new role such as ROLE_CUSTOMER or something.
If a non-logged-in user tries accessing this secured view, they will be redirected to the login page.
Then for the views of your site you want anyone to be able to access you simply don't set any role access rules in those controllers.
This avoids needing to add URL paths to your security.yaml as you wanted as well.
I hope this was helpful! Give it a try and follow the Symfony tutorials I linked, they're very easy to follow :)
I have successfully set up the FOSUserBundle and the FR3D LDAP bundle to allow my company users to log in to the web app with their own login.
As of now, if someone logs in, they will have the default role, which is ROLE_USER.
However, I only want a specific role to be allowed (in this case it's ROLE_CONSULT, which I created).
What I am doing to allow users at this moment is:
1. Ask the user to log in to the web app
2. They get the "You have no right to access this web page" message
3. They tell me they connected
4. I change the user's role to "ROLE_CONSULT" with a form I created within the admin panel.
What I want to do is:
1. I select the user from the LDAP list
2. Change the user role (the user is not in the database yet, but will be as soon as I change the role)
3. The user logs in successfully
I already developed points 1 and 2, but as the "salt" is empty in the database, it doesn't allow the user to connect, as it must believe the password isn't correct.
Any idea how I can make it work by telling Symfony2 that, when it is the first login, it should automatically ONLY check the entered password against my LDAP configuration?
Thanks.
Alright, that was easy.
I just forgot to put the "DN" to the database.
Now it's working.
A customer asks to create a one-step form: registration + login.
I have configured Plone to let the user choose the password, so at data level we should be able to achieve this.
Now at code level, I have no idea which API I'm supposed to use to log in a user when I have their username and password.
By default Plone shows two screens after the registration before having the web site:
1. registration form
2. success page with a login button
3. success logged-in page
4. you have to navigate yourself in the website as a member
I want to shortcut this to:
1. registration form
2. redirect to dashboard
You can use the updateCredentials() method on the acl_users user folder; it'll call the right plugins, resulting in a cookie being set for the user in a default Plone setup:
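    from Products.CMFCore.utils import getToolByName
    # Look up the user folder; its plugins set the login cookie for the user.
    users = getToolByName(self.context, 'acl_users')
    users.updateCredentials(self.request, self.request.response, username, password)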
The method needs request, response, username and password parameters.
Customize portal_skins/plone_login/registered and insert a redirect to the dashboard.