Symfony sfDoctrineGuardPlugin user request

Question

Symfony sfDoctrineGuardPlugin user request

I use symfony sfDoctrineGuardPlugin to manage authentication for both external users and backend users. This is great, except that I do not want users with an interface to be able to log into the backend application. I can set up credentials, but credentials are verified after user authentication. I want sigin on the form to never be checked for the user, that is, not in the backend group. How can i do this?

+3

symfony1 symfony-1.4 doctrine doctrine-1.2 sfdoctrineguard

Jiamid Jan 19 '11 at 12:49

source share

3 answers

Here is one idea: you can try creating a custom post-validator for the login form. Here is the result of Google:

http://www.symfony-project.org/blog/2008/09/05/call-the-expert-how-to-implement-a-conditional-validator

In this validator, you can check whether the user belongs to this group, and then, accordingly, throw an error. User will not receive authentication.

0

Tom Jan 19 '11 at 15:57

source share

, :

  storage:
    class: sfSessionStorage
    param:
      session_name: sf_backend

backend/config/factories.yml symfony , symfony cookie.

0

Julien 03 . '12 10:30

Jiamid · Accepted Answer · 2011-01-20T13:44:09+0000

I think I have found a better solution. The sfDoctrineGuard plugin has its own message validator that checks for an optional user being called.

//app.yml
all:
  sf_guard_plugin:
    retrieve_by_username_callable: sfGuardUser::getForBackend

//sfGuardUser.class.php

  public static function getForBackend($username)
  {
    $query = Doctrine::getTable('sfGuardUser')->createQuery('u')
      ->leftJoin('u.Groups g')
      ->leftJoin('g.Permissions p')
      ->where('u.username = ? OR u.email_address = ?', array($username, $username))
      ->addWhere('u.is_active = ?', true)
      ->addWhere('p.name = ?', 'backend');

    return $query->fetchOne();
  }

Symfony sfDoctrineGuardPlugin user request

More articles: