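# Symfony security configuration for a FOSUserBundle-backed login that is also
# reachable over XHR. Nesting restored from the flattened listing.
security:
    providers:
        fos_userbundle:
            id: fos_user.user_provider.username

    encoders:
        # NOTE(review): the "sha512" shorthand selects Symfony's message-digest
        # encoder (a salted, iterated SHA-512). A purpose-built password hash
        # such as bcrypt is the better choice where the installed Symfony
        # version offers it; switching requires re-hashing stored passwords,
        # so it is flagged here rather than changed.
        FOS\UserBundle\Model\UserInterface: sha512

    firewalls:
        dev:
            # Security is switched off entirely for these paths. The profiler
            # and web debug toolbar expose request and configuration details,
            # so make sure their routes are not loaded in production.
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            pattern: ^/
            form_login:
                provider: fos_userbundle
                # Keeps the CSRF token check on the login form; XHR clients
                # must submit the token as well.
                csrf_provider: form.csrf_provider
                # Custom handlers answer XHR logins with JSON instead of a redirect.
                success_handler: acme.demo.xhr_authentication_success_handler
                failure_handler: acme.demo.xhr_authentication_failure_handler
            logout: true
            anonymous: ~

    access_control:
        # Rules are matched in order: the login page stays public, everything
        # else requires ROLE_USER.
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, role: ROLE_USER }

    role_hierarchy:
        ROLE_SUPER_ADMIN: ROLE_USER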
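<?xml version="1.0" ?>
<!-- Service definitions for the XHR-aware exception listener and login handlers. -->
<container xmlns="http://symfony.com/schema/dic/services"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xsi:schemaLocation="http://symfony.com/schema/dic/services http://symfony.com/schema/dic/services/services-1.0.xsd">

    <parameters>
        <parameter key="acme.demo.xhr_core_exception_listener.class">Acme\DemoBundle\Listener\XHRCoreExceptionListener</parameter>
        <parameter key="acme.demo.xhr_authentication_success_handler.class">Acme\DemoBundle\Handler\XHRAuthenticationSuccessHandler</parameter>
        <parameter key="acme.demo.xhr_authentication_failure_handler.class">Acme\DemoBundle\Handler\XHRAuthenticationFailureHandler</parameter>
    </parameters>

    <services>
        <!--
            NOTE(review): priority 1000 puts this listener ahead of most other
            kernel.exception listeners, and it receives every exception, not only
            security ones. Once it sets a response, lower-priority listeners
            (including any that log the exception) are presumably skipped for
            XHR requests; confirm these errors are still recorded somewhere.
        -->
        <service id="acme.demo.xhr_core_exception_listener" class="%acme.demo.xhr_core_exception_listener.class%">
            <tag name="kernel.event_listener" event="kernel.exception" method="onCoreException" priority="1000" />
        </service>

        <service id="acme.demo.xhr_authentication_success_handler" class="%acme.demo.xhr_authentication_success_handler.class%">
            <argument type="service" id="security.http_utils" />
            <argument type="collection" /> <!-- Options -->
        </service>

        <service id="acme.demo.xhr_authentication_failure_handler" class="%acme.demo.xhr_authentication_failure_handler.class%">
            <argument type="service" id="http_kernel" />
            <argument type="service" id="security.http_utils" />
            <argument type="collection" /> <!-- Options -->
            <!-- The logger is optional: null is injected when the service is missing. -->
            <argument type="service" id="logger" on-invalid="null" />
        </service>
    </services>
</container>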
<?php | |
namespace Acme\DemoBundle\Handler; | |
use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationFailureHandler; | |
use Symfony\Component\Security\Core\Exception\AuthenticationException; | |
use Symfony\Component\HttpFoundation\Request; | |
use Symfony\Component\HttpFoundation\JsonResponse; | |
/**
 * Login failure handler that answers XMLHttpRequest logins with JSON and
 * leaves every other request to the stock Symfony handler.
 */
class XHRAuthenticationFailureHandler extends DefaultAuthenticationFailureHandler
{
    /**
     * Builds the response for a failed login attempt.
     *
     * XHR callers receive a 400 JSON body of the form
     * {"success": false, "message": "..."}; all other callers get whatever
     * the parent handler produces.
     *
     * NOTE(review): the JSON message is the raw authentication exception
     * message. Depending on firewall settings, those messages may distinguish
     * account states (for example disabled or locked accounts) from plain bad
     * credentials; confirm that is acceptable before exposing it to clients.
     *
     * @param Request                 $request
     * @param AuthenticationException $exception
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        // Ordinary form posts keep the default handling.
        if (!$request->isXmlHttpRequest()) {
            return parent::onAuthenticationFailure($request, $exception);
        }

        $payload = array(
            'success' => false,
            'message' => $exception->getMessage(),
        );

        return new JsonResponse($payload, 400);
    }
}
<?php | |
namespace Acme\DemoBundle\Handler; | |
use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler; | |
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface; | |
use Symfony\Component\HttpFoundation\Request; | |
use Symfony\Component\HttpFoundation\JsonResponse; | |
/**
 * Login success handler that answers XMLHttpRequest logins with JSON and
 * leaves every other request to the stock Symfony handler.
 */
class XHRAuthenticationSuccessHandler extends DefaultAuthenticationSuccessHandler
{
    /**
     * Builds the response for a successful login.
     *
     * XHR callers receive a 200 JSON body {"success": true}; the token is not
     * included in the response. All other callers get whatever the parent
     * handler produces.
     *
     * @param Request        $request
     * @param TokenInterface $token
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token)
    {
        // Ordinary form posts keep the default handling.
        if (!$request->isXmlHttpRequest()) {
            return parent::onAuthenticationSuccess($request, $token);
        }

        $payload = array(
            'success' => true,
        );

        return new JsonResponse($payload, 200);
    }
}
<?php | |
namespace Acme\DemoBundle\Listener; | |
use Symfony\Component\HttpFoundation\JsonResponse; | |
use Symfony\Component\HttpKernel\Event\GetResponseForExceptionEvent; | |
use Symfony\Component\HttpFoundation\Response; | |
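/**
 * Turns exceptions raised during XMLHttpRequest requests into JSON error
 * responses. Non-XHR requests are left untouched.
 */
class XHRCoreExceptionListener
{
    /**
     * Converts an exception on an XHR request into a JSON error response.
     *
     * The listener receives every kernel exception, not only security ones,
     * so the status code and the message are both constrained before they
     * reach the client:
     *
     *  - HTTP exceptions contribute their own status code and headers.
     *  - Any other exception's code is used only when it is an integer that
     *    names a known 4xx/5xx status; everything else becomes 500. Without
     *    this check an exception code that happened to match a 2xx/3xx status
     *    would send an error body with a success status.
     *  - For 5xx responses the generic status text replaces the exception
     *    message, so internal details (queries, paths, class names) are not
     *    disclosed to the browser.
     *
     * NOTE(review): setting a response ends handling of this event, so
     * lower-priority kernel.exception listeners presumably never see the
     * exception; confirm it is still logged server-side.
     *
     * @param GetResponseForExceptionEvent $event
     */
    public function onCoreException(GetResponseForExceptionEvent $event)
    {
        $request = $event->getRequest();
        if (!$request->isXmlHttpRequest()) {
            return;
        }

        $exception = $event->getException();
        $headers = array();

        if ($exception instanceof \Symfony\Component\HttpKernel\Exception\HttpExceptionInterface) {
            // HTTP exceptions carry their status separately from getCode().
            $statusCode = $exception->getStatusCode();
            $headers = $exception->getHeaders();
        } else {
            $statusCode = $exception->getCode();
        }

        // Assume a server error unless the code is a recognised client or server error status.
        if (!is_int($statusCode) || $statusCode < 400 || !array_key_exists($statusCode, Response::$statusTexts)) {
            $statusCode = 500;
        }

        // Server-side failures get a generic message; client errors keep theirs.
        $message = $statusCode >= 500
            ? Response::$statusTexts[$statusCode]
            : $exception->getMessage();

        $content = array('success' => false, 'message' => $message);
        $event->setResponse(new JsonResponse($content, $statusCode, $headers));
    }
}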