14. 认证Authentication系统、认证提供器

drupal8 龡龟龜龘龔龒龎龍龉龈龇龄龁齽齼齹齶齵龄龁齲齱齭龒龎齬齩齥齢齽齼齟齵龄龁齲齱齭齛齙龒龎齘齔齒龄龁齟齶齏齎齊龄龁齭龒龎齆齅齃鼿鼽鼼齟鼸鼴 ID 鼭鼬鼨鼧龄龁齲齱鼣鼠鼞鼬龜鼝鼚鼬龟龜龄龁齭鼙齹鼗鼭鼬鼕鼓齭鼐鼎鼣

龄龁鼍鼊鼬龷龜鼝鼇鼅鼁齩齭鼙齹鼀鼬龷黿黾黽黼 kernel.request 黩黧鼝黣黼齭齟龷龄龁黠點黝 AuthenticationSubscriber 龡黈黆鼣鼗黃鼝麿鼬麼麻麺齭齟龷麷麴麳麰黝麭麪鼭龇黈黆鼣

齎齊龄龁齭龒龎鼸麨麦麢齼麟麛麙齶齵龄龁齲齱齭龒龎麘鼸麨麦齥齢麢齼麟麛麖麒麏麎麋齎齊鼗黃麢齼麟麛鼭麇麄麁鹿齭鹼鹹麢齼 ID 鹵齽齼齢鹵鹳鹱鹵鹯黧鹵鹬鹪鹵鹨鹥鹣鹡鹵鹞鹝鹜鹘鹵鼝鹔鹓鹑鹵鹍麒鹋鹇鼝鹅鹃鹃齟鹀麟麛鸼鸻鸺鸸鸶鸳鼣

鸲龈龄龁鼍鼊齭鼐齒鸼鸮鸭鸪龷鸧 \core\lib\Drupal\Core\Authentication 鸡黧鸟鸜齟鸚鸙龍鸕鼨鸕鸧

鸑鸏齔齒鸍鸊齭鼬鸉鸅齭龄龁鸃齩鼬鸂鸁鷿鷻龄龁鷺鷹黝 Authentication Provider 鷱齭麟麛龍黈黆齭齟鼗黃鸡黧鸟鸜齭鷭鷩鷨鷦鼀鷤鼇齟鷣鹀鷡鷞鷝齽龈鸃齩齭龄龁鷺鷹黝齟鼀鷜黿黾鷚鷗鷖齽齼龔鷕鼣

鷑鷎鷍鷉齽齟龔鷕鷅鷃黃鶿鶼鸧

AuthenticationProviderInterface 鸧齛齙齭龄龁鷺鷹黝鶶鶴齒鶱鶰齭鶿鶼齟鶭鼼鶩龔鷕鷅鶧黃麁鶣鸧

public function applies(Request $request); 鶎鶍龒龎鼬鶉鶈齵齽龈龄龁齭齲齱鼣

public function authenticate(Request $request); 齽龒龎鶈齵齭龄龁齲齱鶅鶎鶍齏鶉齎齊龄龁鼣

AuthenticationProviderFilterInterface 鸧龄龁鷺鷹黝齊鵿鶿鶼齟鶎鶍龄龁麁鶣齏鶉鸂齽龈鵾黃鵼鷜鵹鼼鸧

public function appliesToRoutedRequest(Request $request, $authenticated);

AuthenticationProviderChallengeInterface 鸧龄龁鷺鷹黝齃鼿鶿鶼齟鵯龄龁齶齎齊鼝鵭鵫鼨黃齃鼿

public function challengeException(Request $request, \Exception $previous);

鼍鼊鷺鷹鷅鼨黃龄龁鵤鵣黝 AuthenticationManager 齟鵠鼝鶱鶰麄鵹鵞黃鶿鶼鼣

AuthenticationCollectorInterface 鸧龄龁鷺鷹黝鵝鵚黝鶿鶼齟齽龈鼊鼨鵤鵣龄龁鷺鷹黝齟鷞鹔鵙鼀鸙齭鵘鸏鵖鼣

AuthenticationCollector 鼬鵕鵓龄鶱鶰鼣

麄鵹鼬鸡黧齽鵏齟鸚鸙鸕鸕鵋鵇鼁齩鸧

drupal8 龡龄龁麢齼麟麛齔齒鷜龄龁鷺鷹黝龍麨麦齟鶉鵆鵓龄鼬齥齢齽齼麟麛齟齒鵂麷麴龇鸺鸸齭齽齼麢齼麟麛齟鼭齔齒鸏鵀鵚龄龁鷺鷹黝齟鴽鼞鵀鵚鼙齹鸕龄龁鷺鷹黝鵝鵚黝齭鴼鴸龔鷕鸧

  authentication_collector:
    class: Drupal\Core\Authentication\AuthenticationCollector
    tags:
      - { name: service_collector, tag: authentication_provider, call: addProvider }

鼀齭鴨鴤鸻齅鼀鶱鴢鴠麒鴞齛齙齵齙鴨鴤齢 authentication_provider 齭鴼鴸鴜鴙鴖 addProvider 麁鶣鴕齽鼨鴒齟鼗鼧鴨鴤齽鶣鴑鴏鴍黝鸧 \core\lib\Drupal\Core\DependencyInjection\Compiler\TaggedHandlersPass.php

drupal8 鴂鷺鷹鷅鼨黃鴏鴍黝鸧 \core\lib\Drupal\Core\DependencyInjection\Compiler\AuthenticationProviderPass.php 鼀齽龈鴖鷩黝鴁鳿鼨黃鳼鳸 authentication_providers 齟鹀鳼鳸鳸鳴鳰鳯鷅鼍鼊鵯麪鸭龷齭鴼鴸鷺鷹黝鼣

龟鳬鴨鴤鷑 authentication_provider 齭鴼鴸齵齙鴨鴤鳨鳧齟鼸鴞鴨鴤鳨鳧鼨鷞鴜鳣

鼍鼊鵓龄鳠龔鷕鷅鼨黃龄龁鷺鷹黝齟鼀齭鴼鴸 id user.authentication.cookie 齟龷 user 鷚鷗龡鶱鶰齟龍鸕鸕鼀齭龔鷕鸧

  user.authentication.cookie:
    class: Drupal\user\Authentication\Provider\Cookie
    arguments: ['@session_configuration', '@database']
    tags:
      - { name: authentication_provider, provider_id: 'cookie', priority: 0, global: TRUE }

麄鵹鼭鼬鴼鴸鷺鷹黝齭龔鷕鳌鵀鵚鸃齩鼣

AuthenticationCollector 鳰鳯鳈鼍鼊鷺鷹齭龄龁鷺鷹黝齟鼀齩鷑鳼鳸鴜鴙鴖 AuthenticationManager 龍鳇鳆龄龁鵤鵣齟鷞龷 AuthenticationSubscriber 龡麷麄鼁鳆齟鴼鴸鷺鷹黝鼬齙鵘鸏鵖齭齟鳃鳀麴鲽鲻鴒鶎鶍麟鵾鼨龒龎鼬鶉麇齽齟鼨鲷麇齽鲵鲳鲱鶎鶍鷞鲰鲬齩鷑鵓龄龄龁鷺鷹黝齟鲽鵘鸏鵖齭鷺鷹黝鲪齙麿鼸鼁鳆齟鼍鼊鷺鷹齭鵓龄鷺鷹黝鵘鸏鵖鷑 0 齟鷺鷹黝龷鳇鳆龄龁鲩齩麒齟龟鳬齎齊鵆鲰鲬麢齼麟麛齟鶉鵆鲰鲬鲦齟鸜鼼鸚鸙鸕鼨鸕鼍鼊鵓龄鷺鷹齭龄龁鷺鷹黝鸧

鼀鲣龈鸧 \core\modules\user\src\Authentication\Provider\Cookie.php

鹀龄龁鷺鷹黝鶎鲟龒龎鼬鶉鳰鳯鸅鲜齭鼸鼴 ID 齟龟鳬齙齟鵆鳃鼸鼴龡鲙鲬齽齼 ID 鷞鵭鵫麢齼齲齱齟黿黾鸼鸮龟鲕鲔鷭鷩鹔鸧

鳃鼗黃麁鶣龡鲓麇麄鲏鲎齭鸕鲊齽齼麢齼麟麛鼬龟龜鲈黆齭齟龷鲅鲁鷉齽龡鼸齽鼨黃麢齼鸼鵣麟麛 AccountProxy 鱾鱽鼀鼣龟鳬鼬鼨黃龇鱹鸺鸸齭齽齼齟鹀鼝麙黿黾黽黼 kernel.request 黩黧鼝麖鼍鼊龡鴞鸭龷鼨黃齽齼麢齼麟麛鼣 麄鵹鼭鼬龄龁鱷麢齼麟麛鲈黆齊麎鼣

/**
   * Returns the UserSession object for the given session.
   *
   * @param \Symfony\Component\HttpFoundation\Session\SessionInterface $session
   *   The session.
   *
   * @return \Drupal\Core\Session\AccountInterface|null
   *   The UserSession object for the current user, or NULL if this is an
   *   anonymous session.
   */
  protected function getUserFromSession(SessionInterface $session) {
    if ($uid = $session->get('uid')) {
      // @todo Load the User entity in SessionHandler so we don't need queries.
      // @see https://www.drupal.org/node/2345611
      $values = $this->connection
        ->query('SELECT * FROM {users_field_data} u WHERE u.uid = :uid AND u.default_langcode = 1', [':uid' => $uid])
        ->fetchAssoc();

      // Check if the user data was found and the user is active.
      if (!empty($values) && $values['status'] == 1) {
        // Add the user's roles.
        $rids = $this->connection
          ->query('SELECT roles_target_id FROM {user__roles} WHERE entity_id = :uid', [':uid' => $values['uid']])
          ->fetchCol();
        $values['roles'] = array_merge([AccountInterface::AUTHENTICATED_ROLE], $rids);

        return new UserSession($values);
      }
    }

    // This is an anonymous session.
    return NULL;
  }

本书共71小节:

评论 (写第一个评论)