我在Symfony2网站上使用FOSUserBundle.现在我正在开发一个API,允许通过REST api调用进行注册.
我已经覆盖了FOSUserBundle的RegistrationController:
ApiRegistrationController.PHP:
/**
* @Route("/user/", defaults = { "_format" = "json" }, requirements = { "_method" = "POST" })
*
*/
public function registeraction(Request $request)
{
[...]
$form = $formFactory->createForm(new ApiRegistrationFormType(), $user);
[...]
}
ApiRegistrationFormType.PHP:
/**
* @param OptionsResolverInterface $resolver
*/
public function setDefaultOptions(OptionsResolverInterface $resolver)
{
$resolver->setDefaults(array(
'data_class' => 'Benmarten\UserBundle\Entity\User',
'intention' => 'registration',
'csrf_protection' => false
));
}
我得到关于错误的CSRF令牌的错误,所以我创建了自己的RegistrationFormType,以禁用CSRF – 但它被调用…
如何仅为api调用实现禁用CSRF令牌?
解决方法:
经过大量的时间摆弄,我得到了它的工作.我希望能节省一些时间.
我使用FOSRestBundle.
我在我的包中创建了自己的RestController:
RestController.PHP
namespace Benmarten\UserBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use FOS\UserBundle\FOSUserEvents;
use FOS\UserBundle\Event\FormEvent;
use FOS\UserBundle\Event\GetResponseUserEvent;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use FOS\RestBundle\View\View;
/**
* Rest Controller
*/
class RestController extends Controller
{
/**
* Create a new resource
*
* @param Request $request
* @return View view instance
*
*/
public function postUserAction(Request $request)
{
/** @var $formFactory \FOS\UserBundle\Form\Factory\FactoryInterface */
$formFactory = $this->container->get('fos_user.registration.form.factory');
/** @var $userManager \FOS\UserBundle\Model\UserManagerInterface */
$userManager = $this->container->get('fos_user.user_manager');
/** @var $dispatcher \Symfony\Component\Eventdispatcher\EventdispatcherInterface */
$dispatcher = $this->container->get('event_dispatcher');
$user = $userManager->createuser();
$user->setEnabled(true);
$event = new GetResponseUserEvent($user, $request);
$dispatcher->dispatch(FOSUserEvents::REGISTRATION_INITIALIZE, $event);
if (null !== $event->getResponse()) {
return $event->getResponse();
}
$form = $formFactory->createForm();
$form->setData($user);
$jsonData = json_decode($request->getContent(), true); // "true" to get an associative array
if ('POST' === $request->getmethod()) {
$form->bind($jsonData);
if ($form->isValid()) {
$event = new FormEvent($form, $request);
$dispatcher->dispatch(FOSUserEvents::REGISTRATION_SUCCESS, $event);
$userManager->updateUser($user);
$response = new Response("User created.", 201);
return $response;
}
}
$view = View::create($form, 400);
return $this->get('fos_rest.view_handler')->handle($view);
}
}
RestRegistrationFormType.PHP
namespace Benmarten\UserBundle\Form;
use Symfony\Component\Form\AbstractType;
use Symfony\Component\Form\FormBuilderInterface;
use Symfony\Component\OptionsResolver\OptionsResolverInterface;
use Symfony\Component\DependencyInjection\Container;
class RestRegistrationFormType extends AbstractType
{
protected $routeName;
private $class;
/**
* @param string $class The User class name
*/
public function __construct(Container $container, $class)
{
$request = $container->get('request');
$this->routeName = $request->get('_route');
$this->class = $class;
}
public function buildForm(FormBuilderInterface $builder, array $options)
{
if ($this->routeName != "post_user")
{
$builder
->add('email', 'email', array('label' => 'form.email', 'translation_domain' => 'FOSUserBundle'))
->add('username', null, array('label' => 'form.username', 'translation_domain' => 'FOSUserBundle'))
->add('plainPassword', 'repeated', array(
'type' => 'password',
'options' => array('translation_domain' => 'FOSUserBundle'),
'first_options' => array('label' => 'form.password'),
'second_options' => array('label' => 'form.password_confirmation'),
'invalid_message' => 'fos_user.password.mismatch',
))
;
}
else
{
$builder
->add('email', 'email')
->add('username', null)
->add('plainPassword', 'password')
;
}
}
public function setDefaultOptions(OptionsResolverInterface $resolver)
{
if ($this->routeName != "post_user")
{
$resolver->setDefaults(array(
'data_class' => $this->class,
'intention' => 'registration',
));
}
else
{
$resolver->setDefaults(array(
'data_class' => $this->class,
'intention' => 'registration',
'csrf_protection' => false
));
}
}
public function getName()
{
return 'fos_user_rest_registration';
}
}
将服务添加到Services.xml:
<service id="ben_marten.rest_registration.form.type" class="Benmarten\UserBundle\Form\RestRegistrationFormType">
<tag name="form.type" alias="fos_user_rest_registration" />
<argument type="service" id="service_container" />
<argument>Benmarten\UserBundle\Entity\User</argument>
</service>
在config.yml中:
registration:
form:
type: fos_user_rest_registration
所以基本上我告诉FOS用户包使用我自己的注册表格,并根据路由我启用csrf令牌或不…
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。