Commit be4143c

[Security] Add example to fetch User with CurrentUser attribute
1 parent dd90e0a, commit be4143c

3 files changed: +54 -16 lines changed


controller/value_resolver.rst

Lines changed: 2 additions & 0 deletions
@@ -148,6 +148,8 @@ Symfony ships with the following value resolvers in the
148148

149149
In addition, some components, bridges and official bundles provide other value resolvers:
150150

151+
.. _controller-value-resolver-current-user:
152+
151153
:class:`Symfony\\Component\\Security\\Http\\Controller\\UserValueResolver`
152154
Injects the object that represents the current logged in user if type-hinted
153155
with ``UserInterface``. You can also type-hint your own ``User`` class but you
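
Review bot: the new `.. _controller-value-resolver-current-user:` label (added line 151) sits in front of a definition-list term, the `:class:` entry for `UserValueResolver`, not a section title, so Sphinx has no implicit caption for it and every `:ref:` to this target must carry explicit link text. The reference added in security.rst does (`#[CurrentUser]<controller-value-resolver-current-user>`), but the visible entry text only talks about type-hinting `UserInterface`; make sure the entry mentions `#[CurrentUser]` so a reader who follows the link finds the attribute they clicked on.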

doctrine/events.rst

Lines changed: 1 addition & 1 deletion
@@ -164,7 +164,7 @@ listener in the Symfony application by creating a new service for it and
164164

165165
..configuration-block::
166166

167-
..code-block::attribute
167+
..code-block::php-attributes
168168
169169
// src/App/EventListener/SearchIndexer.php
170170
namespace App\EventListener;
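
Review bot: the change at line 167 from `code-block:: attribute` to `code-block:: php-attributes` is unrelated to the commit subject ("[Security] Add example to fetch User with CurrentUser attribute"). Mention it in the commit message or move it to its own commit so the fix to doctrine/events.rst can be found later. The new name does match the block name used in the security.rst hunk of this commit.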

security.rst

Lines changed: 51 additions & 15 deletions
@@ -1881,29 +1881,65 @@ Fetching the User Object
18811881
------------------------
18821882

18831883
After authentication, the ``User`` object of the current user can be
1884-
accessed via the ``getUser()`` shortcut in the
1885-
:ref:`base controller<the-base-controller-class-services>`::
1884+
accessed via the:ref:`#[CurrentUser]<controller-value-resolver-current-user>` attribute or``getUser()`` shortcut in the
1885+
:ref:`base controller<the-base-controller-class-services>`:
18861886

1887-
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
1887+
..configuration-block::
18881888

1889-
class ProfileController extends AbstractController
1890-
{
1891-
public function index(): Response
1889+
..code-block::php-attributes
1890+
1891+
// src/Controller/ProfileController.php
1892+
namespace App\Controller;
1893+
1894+
use App\Entity\User;
1895+
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
1896+
use Symfony\Component\Security\Http\Attribute\CurrentUser;
1897+
1898+
class ProfileController extends AbstractController
18921899
{
18931900
// usually you'll want to make sure the user is authenticated first,
18941901
// see "Authorization" below
1895-
$this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
1902+
#[IsGranted('IS_AUTHENTICATED_FULLY')]
1903+
public function index(
1904+
// returns your User object, or null if the user is not authenticated
1905+
#[CurrentUser] ?User $user
1906+
): Response {
1907+
// Call whatever methods you've added to your User class
1908+
// For example, if you added a getFirstName() method, you can use that.
1909+
return new Response('Well hi there '.$user->getFirstName());
1910+
}
1911+
}
18961912
1897-
// returns your User object, or null if the user is not authenticated
1898-
// use inline documentation to tell your editor your exact User class
1899-
/** @var \App\Entity\User $user */
1900-
$user = $this->getUser();
1913+
..code-block::php
1914+
1915+
// src/Controller/ProfileController.php
1916+
namespace App\Controller;
19011917
1902-
// Call whatever methods you've added to your User class
1903-
// For example, if you added a getFirstName() method, you can use that.
1904-
return new Response('Well hi there '.$user->getFirstName());
1918+
use Symfony\Bundle\FrameworkBundle\Controller\AbstractController;
1919+
1920+
class ProfileController extends AbstractController
1921+
{
1922+
public function index(): Response
1923+
{
1924+
// usually you'll want to make sure the user is authenticated first,
1925+
// see "Authorization" below
1926+
$this->denyAccessUnlessGranted('IS_AUTHENTICATED_FULLY');
1927+
1928+
// returns your User object, or null if the user is not authenticated
1929+
// use inline documentation to tell your editor your exact User class
1930+
/** @var \App\Entity\User $user */
1931+
$user = $this->getUser();
1932+
1933+
// Call whatever methods you've added to your User class
1934+
// For example, if you added a getFirstName() method, you can use that.
1935+
return new Response('Well hi there '.$user->getFirstName());
1936+
}
19051937
}
1906-
}
1938+
1939+
..note::
1940+
1941+
The ``#[CurrentUser]`` attribute can only be used in controller arguments to
1942+
retrieve the authenticated user.
19071943

19081944
Fetching the User from a Service
19091945
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
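
Review bot: the `php-attributes` example uses `#[IsGranted('IS_AUTHENTICATED_FULLY')]` (added line 1902), but its `use` list only imports `User`, `AbstractController` and `CurrentUser`, so the snippet does not work as pasted; add the `use` line for `IsGranted` (neither variant imports `Response` either). In the same block the argument is declared `?User $user` with the comment "or null if the user is not authenticated", yet line 1909 calls `$user->getFirstName()` unconditionally. The call is only safe because of the `IsGranted` attribute above the method. Either declare the argument as `User $user` or state in the comment that the access check is what rules out null, so that a reader who copies the signature without the attribute does not end up with a null dereference on unauthenticated requests.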
