You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: README.md
+32-40Lines changed: 32 additions & 40 deletions
Original file line number
Diff line number
Diff line change
@@ -24,12 +24,18 @@ Symfony operations: 1 recipe
24
24
Executing script cache:clear [OK]
25
25
Executing script assets:install public [OK]
26
26
```
27
+
If you use Symfony Flex, you do not have to do anything anymore. Otherwise you have to include the bundle in your `<root>/config/bundles.php` like this:
27
28
28
-
As you can see, Symfony flex is able to install this bundle automatically, so there is nothing more to do for you :-)
29
-
Looking for setup instructions without Symfony Flex? Look at the bottom of this file.
This bundle comes with a twig function to create an url from any route name: `signed_url()` (and, as alias, `signed_path()`) works just like the symfony / twig function `path()` which you have certainly used a hundredfold. signed_path expects a route name and, optionally, query data as array:
34
40
```twig
35
41
<!-- Generating a regular link -->
@@ -56,7 +62,6 @@ use Shift\UrlSignatureBundle\Utils\UrlSignatureBuilder;
56
62
57
63
class ExampleController extends AbstractController
If the annotation is present, an Event Listener checks the incoming request URL. If the signature is missing (or invalid), an `\Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException` is thrown **before** your action is called. Make sure to give the user an useful response if an AccessDeniedException is thrown (This applies regardless of the use of this bundle, of course).
99
-
100
-
#### Verify a signature with dependency injection
83
+
#### Verify a signature with dependency injection (recommended)
101
84
Inject an `Shift\UrlSignatureBundle\Utils\RequestValidator` instance to your action:
102
85
103
86
```php
104
87
use Shift\UrlSignatureBundle\Utils\RequestValidator;
105
88
106
89
class ExampleController extends AbstractController
If the annotation is present, an Event Listener checks the incoming request URL. If the signature is missing (or invalid), an `\Symfony\Component\HttpKernel\Exception\AccessDeniedHttpException` is thrown **before** your action is called. Make sure to give the user an useful response if an AccessDeniedException is thrown (This applies regardless of the use of this bundle, of course).
131
+
129
132
### Build hashed URLs and verify signatures with a trait
130
133
This bundle comes with a trait to make the access to the Builder and RequestValidator easier::
131
134
@@ -152,7 +155,7 @@ class SingleActionController extends AbstractController
152
155
}
153
156
```
154
157
155
-
_**Note:** The trait has a constructor. If your controller already has a constructor, you should not use this trait. Read more [at SO about "constructor in traits"](https://stackoverflow.com/questions/12478124/how-to-overload-class-constructor-within-traits-in-php-5-4)._
158
+
_**Note:** The trait has its own constructor. If your controller already has a constructor, you should not use this trait. Read more [at StackOverflow about "constructor in traits"](https://stackoverflow.com/questions/12478124/how-to-overload-class-constructor-within-traits-in-php-5-4)._
Do not be surprised at the weird looking arguments for the `setHashMask` method - I did not find a better solution to set a bitmask in a services.yaml.
195
198
196
-
### Manual Installation
197
-
Download this repository, wire it with your autoloading mechanism and include the bundle in your `<root>/config/bundles.php` like this:
Based on the ideas by [psecio](https://github.com/psecio), the project was forked by [dsentker](https://github.com/dsentker) (thats me 😁) to upgrade the code for PHP 7.x applications. The adjustments then resulted in a separate library and, additionally, in this symfony 4 bundle.
0 commit comments