开发者

Separate frontend and backend users with sfDoctrineGuardPlugin

问答 作者:

i'm starting a project adn i'm using symfony, my first time with symfony, really great actually, i already install the sfDoctrineGuardPlugin and everything is ok untill now, why?, because frontend users can login in the backend and vice versa, i dont't want that, so, i start to google, i found Symfo开发者_开发问答ny sfDoctrineGuardPlugin custom login query here in SO, but i don't know where i should place the function so, i haven't tested it.

As i don't want frontend users can login in the backend, i think i can use credentials, can i?? but, symfony check for users credentials after they are logged, and i don't want tha neither, so, how can i achieve this?, maybe if i could have namespaces in the session, i can check if an admin in the backend namespace and also for frontend users, so they never get fixed, i think.

I don't know really know if sfDoctrineGuardPlugin have some configuration that can manage this situation, exist such a config??

Also, in my backend, i will like to have a page to manage the frontend users, and other for backend users, because frontend users will have a profile and addresses, think this is much easier, but i don't know where to start.

need some help over here

thanks

After a few days coding, i was able to do it exactly as i wanted, i'm going to share my solution:
I started with an example i found here in SO, you can read the post here:
Symfony sfDoctrineGuardPlugin custom login query it gave me an idea and i executed it, so, i create \lib\Util.class.php, with to functions, one for query backend users and another for frontend users 

static public function retrieveCustomer($username, $isActive = true)
{
    $query = Doctrine_Core::getTable('sfGuardUser')->createQuery('u')
    ->leftJoin('u.Groups g')
    ->leftJoin('g.Permissions p')
    ->where('u.username = ?', $username)
    ->addWhere('u.is_active = ?', $isActive)
    ->addWhere('g.name = ?', 'customers');

    return $query->fetchOne();
}

static public function retrieveAdmin($username, $isActive = true)
{
    $query = Doctrine_Core::getTable('sfGuardUser')->createQuery('u')
    ->leftJoin('u.Groups g')
    ->leftJoin('g.Permissions p')
    ->where('u.username = ?', $username)
    ->addWhere('u.is_active = ?', $isActive)
    ->whereIn('g.name', array('administrators','operators'));

    return $query->fetchOne();
}

Now, in the app.yml of each app, i override the default query of the plugin 

#Example for apps/backend/config/app.yml
all:
    sf_guard_plugin:
        retrieve_by_username_callable: Util::retrieveAdmin

untill now all was good, but i started to face another problem, so i open a new thread: Overwriting isAuthenticated() in symfony and there i got the final step for my solution, that was setting differents session name for each app, so, in the factories.yml of each app: 

#apps\backend\config\factories.yml
storage:
  class: sfSessionStorage
  param:
    session_name: backend

and now all is set, frontend users can not log in in backend app and vice versa.

feel free to comment

The most common approach is through credentials, my backend applications security.yml looks like:

all:
  is_secure: on
  credentials: [login_backend]

继续阅读:phppluginssfguardsymfony1

更多精彩内容

0

上一篇:

下一篇:

精彩评论

暂无评论...
登录 注册
Qedev.com
验证码 换一张
取 消

最新问答

问答排行榜

法律声明:本站内容均为网友上传,网站举办方负责审核和监督,

如存在版权或非法内容,欢迎举报,我们将尽快予以删除。

Copyright © 2018-2020 开发者. All rights reserved.

Powered by 开发者

ICP备案号: 京ICP备10032868号-9