14. 认证Authentication系统、认证提供器

drupal8 龠龟龛龘龕龔龒龐龌龉龇龄龃齿齼齹齵齴龄龃齱齯齮龔龒齭齬齩齧齿齼齦齴龄龃齱齯齮齤齢龔龒齠齜齚龄龃齦齵齗齓齒龄龃齮龔龒齑齍齊齈齇齅齦齂鼿 ID 鼹鼶鼴鼳龄龃齱齯鼲鼮鼪鼶龛鼦鼢鼶龟龛龄龃齮鼡齹鼞鼹鼶鼛鼙齮鼘鼗鼲

龄龃鼖鼔鼶龶龛鼦鼑鼍鼉齬齮鼡齹鼆鼶龶鼅鼄鼃鼂 kernel.request 黪黦鼦黣鼂齮齦龶龄龃黠點黚 AuthenticationSubscriber 龠黃黁鼲鼞麾鼦麻鼶麹麶麴齮齦龶麲麯麬麨黚麦麢鼹龇黃黁鼲

齓齒龄龃齮龔龒齂麞麛麚齼麗麔麑齵齴龄龃齱齯齮龔龒麎齂麞麛齩齧麚齼麗麔麍麋麈麅麁齓齒鼞麾麚齼麗麔鼹鹾鹻鹺鹷齮鹴鹰麚齼 ID 鹭齿齼齧鹭鹩鹧鹭鹣黦鹭鹢鹟鹭鹝鹙鹘鹗鹭鹖鹔鹑鹏鹭鼦鹍鹌鹋鹭鹉麋鹈鹅鼦鹃鹀鹀齦鸿麗麔鸻鸸鸴鸱鸰鸭鼲

鸫龉龄龃鼖鼔齮鼘齚鸻鸧鸥鸢龶鸞 \core\lib\Drupal\Core\Authentication 鸖黦鸔鸒齦鸐鸌龐鸈鼴鸈鸞

鸄鸀齜齚鷾鷻齮鼶鷺鷹齮龄龃鷸齬鼶鷶鷳鷰鷮龄龃鷭鷬黚 Authentication Provider 鷥齮麗麔龐黃黁齮齦鼞麾鸖黦鸔鸒齮鷤鷢鷟鷜鼆鷚鼑齦鷖鸿鷒鷑鷍齿龉鷸齬齮龄龃鷭鷬黚齦鼆鷉鼅鼄鷈鷅鷄齿齼龕鷁鼲

鶽鶻鶸鶶齿齦龕鷁鶴鶱麾鶰鶭鸞

AuthenticationProviderInterface 鸞齤齢齮龄龃鷭鷬黚鶧鶣齚鶠鶞齮鶰鶭齦鶚齅鶙龕鷁鶴鶖麾鹺鶕鸞

public function applies(Request $request); 鶉鶇龔龒鼶鶃鵿齴齿龉龄龃齮齱齯鼲

public function authenticate(Request $request); 齿龔龒鵿齴齮龄龃齱齯鵽鶉鶇齗鶃齓齒龄龃鼲

AuthenticationProviderFilterInterface 鸞龄龃鷭鷬黚齒鵸鶰鶭齦鶉鶇龄龃鹺鶕齗鶃鷶齿龉鵴麾鵰鷉鵭齅鸞

public function appliesToRoutedRequest(Request $request, $authenticated);

AuthenticationProviderChallengeInterface 鸞龄龃鷭鷬黚齊齈鶰鶭齦鵤龄龃齵齓齒鼦鵡鵠鼴麾齊齈

public function challengeException(Request $request, \Exception $previous);

鼖鼔鷭鷬鶴鼴麾龄龃鵕鵔黚 AuthenticationManager 齦鵐鼦鶠鶞鹻鵭鵏麾鶰鶭鼲

AuthenticationCollectorInterface 鸞龄龃鷭鷬黚鵋鵉黚鶰鶭齦齿龉鼔鼴鵕鵔龄龃鷭鷬黚齦鷑鹍鵇鼆鸌齮鵃鸀鵂鼲

AuthenticationCollector 鼶鵁鴾龄鶠鶞鼲

鹻鵭鼶鸖黦齿鴻齦鸐鸌鸈鸈鴺鴷鼉齬鸞

drupal8 龠龄龃麚齼麗麔齜齚鷉龄龃鷭鷬黚龐麞麛齦鶃鴳鴾龄鼶齩齧齿齼麗麔齦齚鴱麲麯龇鸴鸱齮齿齼麚齼麗麔齦鼹齜齚鸀鴰鵉龄龃鷭鷬黚齦鴯鼪鴰鵉鼡齹鸈龄龃鷭鷬黚鵋鵉黚齮鴭鴬龕鷁鸞

  authentication_collector:
    class: Drupal\Core\Authentication\AuthenticationCollector
    tags:
      - { name: service_collector, tag: authentication_provider, call: addProvider }

鼆齮鴚鴗鸸齍鼆鶠鴔鴒麋鴏齤齢齴齢鴚鴗齧 authentication_provider 齮鴭鴬鴌鴊鴉 addProvider 鹺鶕鴆齿鼴鴃齦鼞鼳鴚鴗齿鶕鴁鳾鳼黚鸞 \core\lib\Drupal\Core\DependencyInjection\Compiler\TaggedHandlersPass.php

drupal8 鳲鷭鷬鶴鼴麾鳾鳼黚鸞 \core\lib\Drupal\Core\DependencyInjection\Compiler\AuthenticationProviderPass.php 鼆齿龉鴉鷢黚鳮鳫鼴麾鳪鳨 authentication_providers 齦鸿鳪鳨鳨鳤鳠鳞鶴鼖鼔鵤麢鸥龶齮鴭鴬鷭鷬黚鼲

龟鳛鴚鴗鶽 authentication_provider 齮鴭鴬齴齢鴚鴗鳘鳖齦齂鴏鴚鴗鳘鳖鼴鷑鴌鳓

鼖鼔鴾龄鳏龕鷁鶴鼴麾龄龃鷭鷬黚齦鼆齮鴭鴬 id user.authentication.cookie 齦龶 user 鷈鷅龠鶠鶞齦龐鸈鸈鼆齮龕鷁鸞

  user.authentication.cookie:
    class: Drupal\user\Authentication\Provider\Cookie
    arguments: ['@session_configuration', '@database']
    tags:
      - { name: authentication_provider, provider_id: 'cookie', priority: 0, global: TRUE }

鹻鵭鼹鼶鴭鴬鷭鷬黚齮龕鷁鲽鴰鵉鷸齬鼲

AuthenticationCollector 鳠鳞鲼鼖鼔鷭鷬齮龄龃鷭鷬黚齦鼆齬鶽鳪鳨鴌鴊鴉 AuthenticationManager 龐鲸鲴龄龃鵕鵔齦鷑龶 AuthenticationSubscriber 龠麲鹻鼉鲴齦鴭鴬鷭鷬黚鼶齢鵃鸀鵂齮齦鲱鲭麯鲩鲥鴃鶉鶇麗鵴鼴龔龒鼶鶃鹾齿齦鼴鲢鹾齿鲠鲞鲛鶉鶇鷑鲗鲖齬鶽鴾龄龄龃鷭鷬黚齦鲩鵃鸀鵂齮鷭鷬黚鲒齢麻齂鼉鲴齦鼖鼔鷭鷬齮鴾龄鷭鷬黚鵃鸀鵂鶽 0 齦鷭鷬黚龶鲸鲴龄龃鲎齬麋齦龟鳛齓齒鴳鲗鲖麚齼麗麔齦鶃鴳鲗鲖鲌齦鸒齅鸐鸌鸈鼴鸈鼖鼔鴾龄鷭鷬齮龄龃鷭鷬黚鸞

鼆鲋龉鸞 \core\modules\user\src\Authentication\Provider\Cookie.php

鸿龄龃鷭鷬黚鶉鲇龔龒鼶鶃鳠鳞鷹鲆齮齂鼿 ID 齦龟鳛齢齦鴳鲱齂鼿龠鲂鲖齿齼 ID 鷑鵡鵠麚齼齱齯齦鼅鼄鸻鸧龟鲁鱾鷤鷢鹍鸞

鲱鼞麾鹺鶕龠鱻鹾鹻鱷鱶齮鸈鱴齿齼麚齼麗麔鼶龟龛鱳黁齮齦龶鱯鱭鶶齿龠齂齿鼴麾麚齼鸻鵔麗麔 AccountProxy 鱫鱩鼆鼲龟鳛鼶鼴麾龇鱥鸴鸱齮齿齼齦鸿鼦麑鼅鼄鼃鼂 kernel.request 黪黦鼦麍鼖鼔龠鴏鸥龶鼴麾齿齼麚齼麗麔鼲 鹻鵭鼹鼶龄龃鱢麚齼麗麔鱳黁齒麅鼲

/**
   * Returns the UserSession object for the given session.
   *
   * @param \Symfony\Component\HttpFoundation\Session\SessionInterface $session
   *   The session.
   *
   * @return \Drupal\Core\Session\AccountInterface|null
   *   The UserSession object for the current user, or NULL if this is an
   *   anonymous session.
   */
  protected function getUserFromSession(SessionInterface $session) {
    if ($uid = $session->get('uid')) {
      // @todo Load the User entity in SessionHandler so we don't need queries.
      // @see https://www.drupal.org/node/2345611
      $values = $this->connection
        ->query('SELECT * FROM {users_field_data} u WHERE u.uid = :uid AND u.default_langcode = 1', [':uid' => $uid])
        ->fetchAssoc();

      // Check if the user data was found and the user is active.
      if (!empty($values) && $values['status'] == 1) {
        // Add the user's roles.
        $rids = $this->connection
          ->query('SELECT roles_target_id FROM {user__roles} WHERE entity_id = :uid', [':uid' => $values['uid']])
          ->fetchCol();
        $values['roles'] = array_merge([AccountInterface::AUTHENTICATED_ROLE], $rids);

        return new UserSession($values);
      }
    }

    // This is an anonymous session.
    return NULL;
  }

本书共83小节:

评论 (写第一个评论)