Finished authentication

Signed-off-by: Gergely POLONKAI (W00d5t0ck) <polesz@w00d5t0ck.info>
2012-07-02 22:41:06 +02:00
parent f2370faa68
commit e1fde17057
16 changed files with 214 additions and 20 deletions
--- a/app/AppKernel.php
+++ b/app/AppKernel.php
@@ -20,6 +20,7 @@ class AppKernel extends Kernel
            new JMS\DiExtraBundle\JMSDiExtraBundle($this),
            new JMS\SecurityExtraBundle\JMSSecurityExtraBundle(),
            new KekRozsak\FrontBundle\KekRozsakFrontBundle(),
+            new KekRozsak\SecurityBundle\KekRozsakSecurityBundle(),
        );

        if (in_array($this->getEnvironment(), array('dev', 'test'))) {
--- a/app/config/routing.yml
+++ b/app/config/routing.yml
@@ -1,3 +1,7 @@
+KekRozsakSecurityBundle:
+    resource: "@KekRozsakSecurityBundle/Resources/config/routing.yml"
+    prefix:   /
+
 KekRozsakFrontBundle:
    resource: "@KekRozsakFrontBundle/Resources/config/routing.yml"
    prefix:   /
--- a/app/config/security.yml
+++ b/app/config/security.yml
@@ -5,17 +5,18 @@ jms_security_extra:
 security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
+        KekRozsak\FrontBundle\Entity\User:
+            id: kek_rozsak_security.encoder.crypt

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
-        in_memory:
-            memory:
-                users:
-                    user:  { password: userpass, roles: [ 'ROLE_USER' ] }
-                    admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
+        user_db:
+            entity:
+                class: KekRozsak\FrontBundle\Entity\User
+                property: username

    firewalls:
        dev:
@@ -23,21 +24,23 @@ security:
            security: false

        login:
-            pattern:  ^/demo/secured/login$
+            pattern:  ^/login$
            security: false

-        secured_area:
-            pattern:    ^/demo/secured/
+        members:
+            pattern:    ^/
            form_login:
-                check_path: /demo/secured/login_check
-                login_path: /demo/secured/login
+                check_path: /login_check
+                login_path: /login
            logout:
-                path:   /demo/secured/logout
-                target: /demo/
-            #anonymous: ~
-            #http_basic:
-            #    realm: "Secured Demo Area"
+                path:   /logout
+                target: /
+            anonymous: ~

    access_control:
+        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/cikk/, roles: IS_AUTHENTICATED_ANONYMOUSLY }
+        - { path: ^/, roles: [ IS_AUTHENTICATED_FULLY, IS_AUTHENTICATED_REMEMBERED ] }
        #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
        #- { path: ^/_internal/secure, roles: IS_AUTHENTICATED_ANONYMOUSLY, ip: 127.0.0.1 }