14. 认证Authentication系统、认证提供器

drupal8 龧龣龡龞龚龘龕龑龐龍龌龊龆龃龂齾齺齸龊龆齴齰齭龘龕齬齩齨齧龃龂齦齸龊龆齴齰齭齣齟龘龕齝齚齙龊龆齦齺齖齕齓龊龆齭龘龕齑齍齋齇齆齃齦齀鼾 ID 鼵鼳鼱鼮龊龆齴齰鼪鼧鼦鼳龡鼢鼟鼳龣龡龊龆齭鼛齾鼗鼵鼳鼕鼒齭鼎鼊鼪

龊龆鼈鼆鼳龻龡鼢鼂黿黾齩齭鼛齾黻鼳龻黸黶黴黳 kernel.request 黢黟鼢黛黳齭齦龻龊龆默黕黔 AuthenticationSubscriber 龧黁黀鼪鼗麾鼢麺鼳麶麵麴齭齦龻麲麯麫麩黔麦麤鼵龌黁黀鼪

齕齓龊龆齭龘龕齀麢麠麟龂麝麚麗齺齸龊龆齴齰齭龘龕麕齀麢麠齨齧麟龂麝麚麒麏麍麋麊齕齓鼗麾麟龂麝麚鼵麉麆麅麁齭麀鹿麟龂 ID 鹻龃龂齧鹻鹷鹶鹻鹴黟鹻鹳鹰鹻鹬鹫鹧鹣鹻鹠鹟鹝鹜鹻鼢鹙鹘鹗鹻鹔麏鹓鹏鼢鹋鹈鹈齦鹅麝麚鹁鸽鸹鸶鸴鸰鼪

鸯龍龊龆鼈鼆齭鼎齙鹁鸫鸨鸥龻鸢 \core\lib\Drupal\Core\Authentication 鸙黟鸕鸑齦鸎鸌龑鸉鼱鸉鸢

鸈鸅齚齙鸂鸀齭鼳鷽鷺齭龊龆鷹齩鼳鷶鷳鷯鷫龊龆鷨鷧黔 Authentication Provider 鷢齭麝麚龑黁黀齭齦鼗麾鸙黟鸕鸑齭鷠鷞鷚鷘黻鷗鼂齦鷓鹅鷏鷌鷋龃龍鷹齩齭龊龆鷨鷧黔齦黻鷊黸黶鷇鷃鷂龃龂龚鶾鼪

鶺鶸鶷鶳龃齦龚鶾鶱鶰麾鶭鶪鸢

AuthenticationProviderInterface 鸢齣齟齭龊龆鷨鷧黔鶥鶤齙鶠鶟齭鶭鶪齦鶞齃鶚龚鶾鶱鶙麾麅鶖鸢

public function applies(Request $request); 鶈鶅龘龕鼳鶂鵿齸龃龍龊龆齭齴齰鼪

public function authenticate(Request $request); 龃龘龕鵿齸齭龊龆齴齰鵻鶈鶅齖鶂齕齓龊龆鼪

AuthenticationProviderFilterInterface 鸢龊龆鷨鷧黔齓鵶鶭鶪齦鶈鶅龊龆麅鶖齖鶂鷶龃龍鵴麾鵱鷊鵰齃鸢

public function appliesToRoutedRequest(Request $request, $authenticated);

AuthenticationProviderChallengeInterface 鸢龊龆鷨鷧黔齋齇鶭鶪齦鵧龊龆齺齕齓鼢鵥鵢鼱麾齋齇

public function challengeException(Request $request, \Exception $previous);

鼈鼆鷨鷧鶱鼱麾龊龆鵚鵙黔 AuthenticationManager 齦鵔鼢鶠鶟麆鵰鵓麾鶭鶪鼪

AuthenticationCollectorInterface 鸢龊龆鷨鷧黔鵒鵏黔鶭鶪齦龃龍鼆鼱鵚鵙龊龆鷨鷧黔齦鷌鹙鵎黻鸌齭鵍鸅鵉鼪

AuthenticationCollector 鼳鵆鵂龊鶠鶟鼪

麆鵰鼳鸙黟龃鴾齦鸎鸌鸉鸉鴽鴺黾齩鸢

drupal8 龧龊龆麟龂麝麚齚齙鷊龊龆鷨鷧黔龑麢麠齦鶂鴶鵂龊鼳齨齧龃龂麝麚齦齙鴵麲麯龌鸹鸶齭龃龂麟龂麝麚齦鼵齚齙鸅鴲鵏龊龆鷨鷧黔齦鴰鼦鴲鵏鼛齾鸉龊龆鷨鷧黔鵒鵏黔齭鴬鴫龚鶾鸢

  authentication_collector:
    class: Drupal\Core\Authentication\AuthenticationCollector
    tags:
      - { name: service_collector, tag: authentication_provider, call: addProvider }

黻齭鴗鴖鸽齍黻鶠鴔鴓麏鴏齣齟齸齟鴗鴖齧 authentication_provider 齭鴬鴫鴍鴌鴈 addProvider 麅鶖鴄龃鼱鴀齦鼗鼮鴗鴖龃鶖鳽鳺鳷黔鸢 \core\lib\Drupal\Core\DependencyInjection\Compiler\TaggedHandlersPass.php

drupal8 鳩鷨鷧鶱鼱麾鳺鳷黔鸢 \core\lib\Drupal\Core\DependencyInjection\Compiler\AuthenticationProviderPass.php 黻龃龍鴈鷞黔鳨鳥鼱麾鳤鳡 authentication_providers 齦鹅鳤鳡鳡鳞鳚鳖鶱鼈鼆鵧麤鸨龻齭鴬鴫鷨鷧黔鼪

龣鳒鴗鴖鶺 authentication_provider 齭鴬鴫齸齟鴗鴖鳑鳐齦齀鴏鴗鴖鳑鳐鼱鷌鴍鳌

鼈鼆鵂龊鳋龚鶾鶱鼱麾龊龆鷨鷧黔齦黻齭鴬鴫 id user.authentication.cookie 齦龻 user 鷇鷃龧鶠鶟齦龑鸉鸉黻齭龚鶾鸢

  user.authentication.cookie:
    class: Drupal\user\Authentication\Provider\Cookie
    arguments: ['@session_configuration', '@database']
    tags:
      - { name: authentication_provider, provider_id: 'cookie', priority: 0, global: TRUE }

麆鵰鼵鼳鴬鴫鷨鷧黔齭龚鶾鲽鴲鵏鷹齩鼪

AuthenticationCollector 鳚鳖鲺鼈鼆鷨鷧齭龊龆鷨鷧黔齦黻齩鶺鳤鳡鴍鴌鴈 AuthenticationManager 龑鲸鲷龊龆鵚鵙齦鷌龻 AuthenticationSubscriber 龧麲麆黾鲷齦鴬鴫鷨鷧黔鼳齟鵍鸅鵉齭齦鲵鲲麯鲰鲭鴀鶈鶅麝鵴鼱龘龕鼳鶂麉龃齦鼱鲬麉龃鲩鲥鲤鶈鶅鷌鲢鲠齩鶺鵂龊龊龆鷨鷧黔齦鲰鵍鸅鵉齭鷨鷧黔鲟齟麺齀黾鲷齦鼈鼆鷨鷧齭鵂龊鷨鷧黔鵍鸅鵉鶺 0 齦鷨鷧黔龻鲸鲷龊龆鲝齩麏齦龣鳒齕齓鴶鲢鲠麟龂麝麚齦鶂鴶鲢鲠鲚齦鸑齃鸎鸌鸉鼱鸉鼈鼆鵂龊鷨鷧齭龊龆鷨鷧黔鸢

黻鲗龍鸢 \core\modules\user\src\Authentication\Provider\Cookie.php

鹅龊龆鷨鷧黔鶈鲖龘龕鼳鶂鳚鳖鷺鲔齭齀鼾 ID 齦龣鳒齟齦鴶鲵齀鼾龧鲑鲠龃龂 ID 鷌鵥鵢麟龂齴齰齦黸黶鹁鸫龣鲍鲊鷠鷞鹙鸢

鲵鼗麾麅鶖龧鲇麉麆鲃鲂齭鸉鱿龃龂麟龂麝麚鼳龣龡鱾黀齭齦龻鱺鱹鶳龃龧齀龃鼱麾麟龂鹁鵙麝麚 AccountProxy 鱵鱴黻鼪龣鳒鼳鼱麾龌鱰鸹鸶齭龃龂齦鹅鼢麗黸黶黴黳 kernel.request 黢黟鼢麒鼈鼆龧鴏鸨龻鼱麾龃龂麟龂麝麚鼪 麆鵰鼵鼳龊龆鱯麟龂麝麚鱾黀齓麋鼪

/**
   * Returns the UserSession object for the given session.
   *
   * @param \Symfony\Component\HttpFoundation\Session\SessionInterface $session
   *   The session.
   *
   * @return \Drupal\Core\Session\AccountInterface|null
   *   The UserSession object for the current user, or NULL if this is an
   *   anonymous session.
   */
  protected function getUserFromSession(SessionInterface $session) {
    if ($uid = $session->get('uid')) {
      // @todo Load the User entity in SessionHandler so we don't need queries.
      // @see https://www.drupal.org/node/2345611
      $values = $this->connection
        ->query('SELECT * FROM {users_field_data} u WHERE u.uid = :uid AND u.default_langcode = 1', [':uid' => $uid])
        ->fetchAssoc();

      // Check if the user data was found and the user is active.
      if (!empty($values) && $values['status'] == 1) {
        // Add the user's roles.
        $rids = $this->connection
          ->query('SELECT roles_target_id FROM {user__roles} WHERE entity_id = :uid', [':uid' => $values['uid']])
          ->fetchCol();
        $values['roles'] = array_merge([AccountInterface::AUTHENTICATED_ROLE], $rids);

        return new UserSession($values);
      }
    }

    // This is an anonymous session.
    return NULL;
  }

本书共63小节:

评论 (写第一个评论)