Movatterモバイル変換

[0]ホーム
URL:

Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly

 Sign up
Appearance settings

Commit9944c81

Browse files
committed
[Security] Add example to fetch User with CurrentUser attribute
1 parentdd90e0a commit9944c81

File tree

3 files changed

+52
-16
lines changed

3 files changed

+52
-16
lines changed

‎controller/value_resolver.rst

Lines changed: 2 additions & 0 deletions
Original file line numberDiff line numberDiff line change
@@ -148,6 +148,8 @@ Symfony ships with the following value resolvers in the
148148

149149
In addition, some components, bridges and official bundles provide other value resolvers:
150150

151+
.. _controller-value-resolver-current-user:
152+
151153
:class:`Symfony\\Component\\Security\\Http\\Controller\\UserValueResolver`
152154
Injects the object that represents the current logged in user if type-hinted
153155
with ``UserInterface``. You can also type-hint your own ``User`` class but you

‎doctrine/events.rst

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -164,7 +164,7 @@ listener in the Symfony application by creating a new service for it and
164164

165165
..configuration-block::
166166

167-
..code-block::attribute
167+
..code-block::php-attributes
168168
169169
// src/App/EventListener/SearchIndexer.php
170170
namespace App\EventListener;

‎security.rst

Lines changed: 49 additions & 15 deletions
Original file line numberDiff line numberDiff line change
@@ -1881,29 +1881,63 @@ Fetching the User Object
18811881
------------------------
18821882

18831883
After authentication, the ``User`` object of the current user can be
1884-
accessed via the ``getUser()`` shortcut in the
1885-
:ref:`base controller<the-base-controller-class-services>`::
1884+
accessed via the:ref:`#[CurrentUser]<controller-value-resolver-current-user>` attribute or``getUser()`` shortcut in the
1885+
:ref:`base controller<the-base-controller-class-services>`:
18861886

1887-
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
1887+
..configuration-block::
18881888

1889-
class ProfileController extends AbstractController
1890-
{
1891-
public function index(): Response
1889+
..code-block::php-attributes
1890+
1891+
// src/Controller/ProfileController.php
1892+
1893+
use App\Entity\User;
1894+
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
1895+
use Symfony\Component\Security\Http\Attribute\CurrentUser;
1896+
1897+
class ProfileController extends AbstractController
18921898
{
18931899
// usually you'll want to make sure the user is authenticated first,
18941900
// see "Authorization" below
1895-
$this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
1901+
#[IsGranted('IS_AUTHENTICATED_FULLY')]
1902+
public function index(
1903+
// returns your User object, or null if the user is not authenticated
1904+
#[CurrentUser] ?User $user
1905+
): Response {
1906+
// Call whatever methods you've added to your User class
1907+
// For example, if you added a getFirstName() method, you can use that.
1908+
return new Response('Well hi there '.$user->getFirstName());
1909+
}
1910+
}
18961911
1897-
// returns your User object, or null if the user is not authenticated
1898-
// use inline documentation to tell your editor your exact User class
1899-
/** @var \App\Entity\User $user */
1900-
$user = $this->getUser();
1912+
..code-block::php
1913+
1914+
// src/Controller/ProfileController.php
1915+
1916+
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
19011917
1902-
// Call whatever methods you've added to your User class
1903-
// For example, if you added a getFirstName() method, you can use that.
1904-
return new Response('Well hi there '.$user->getFirstName());
1918+
class ProfileController extends AbstractController
1919+
{
1920+
public function index(): Response
1921+
{
1922+
// usually you'll want to make sure the user is authenticated first,
1923+
// see "Authorization" below
1924+
$this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
1925+
1926+
// returns your User object, or null if the user is not authenticated
1927+
// use inline documentation to tell your editor your exact User class
1928+
/** @var \App\Entity\User $user */
1929+
$user = $this->getUser();
1930+
1931+
// Call whatever methods you've added to your User class
1932+
// For example, if you added a getFirstName() method, you can use that.
1933+
return new Response('Well hi there '.$user->getFirstName());
1934+
}
19051935
}
1906-
}
1936+
1937+
..note::
1938+
1939+
The ``#[CurrentUser]`` attribute can only be used in controller arguments to
1940+
retrieve the authenticated user.
19071941

19081942
Fetching the User from a Service
19091943
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

0 commit comments

Comments
 (0)
[8]ページ先頭
©2009-2025 Movatter.jp