定制 syspay/login-recaptcha-bundle 二次开发

按需修改功能、优化性能、对接业务系统,提供一站式技术支持

邮箱:yvsm@zunyunkeji.com | QQ:316430983 | 微信:yvsm316

syspay/login-recaptcha-bundle

Composer 安装命令:

composer require syspay/login-recaptcha-bundle

包简介

Login Recaptcha Bundle for Symfony 3

README 文档

README

License

Description

Login reCAPTCHA Bundle makes it easy for you to integrate Google reCAPTCHA inside login forms in Symfony 3.

Installation

This symfony bundle is available on Packagist as syspay/login-recaptcha-bundle and can be installed either by running the composer require command or adding the library to your composer.json.

To add this dependency using the command, run the following from within your project directory:

composer require syspay/login-recaptcha-bundle

Alternatively, add the dependency directly to your composer.json file:

"require": {
    "syspay/login-recaptcha-bundle": "^2.1"
}

After composer installation go to your AppKernel.php file and add the following line inside registerBundles():

$bundles = [
    ...
    new LoginRecaptcha\Bundle\LoginRecaptchaBundle(),
];

Configuration

To use this functionality you have to use form_login_captcha instead of form_login in your security.yml file. This new security listener factory has all the same options as form_login but it has a required new option called google_recaptcha_secret where you have to enter your Google reCAPTCHA secret key.

form_login_captcha:
    login_path: login
    check_path: login_check
    username_parameter: "login_form[username]"
    password_parameter: "login_form[password]"
    csrf_parameter: "login_form[_token]"
    default_target_path: homepage
    google_recaptcha_secret: XXXXXXXXXXXXXXXX_XXXX_XXXXXXXXXXXXXXXXXXX

From then on your login form expects a new post parameter called g-recaptcha-response which is created by any reCAPTCHA plugin. Then the bundle authenticates the response by using Google's own reCAPTCHA package.

Validating reCAPTCHA only after several failed attempts

By default the bundle always checks for the post parameter g-recaptcha-response but this can be annoying on users as they'd have to input the reCAPTCHA everytime they login, therefore there is an option to only validate the reCAPTCHA after several failed logins from an ip range. This option needs a couple of extra configurations on your end. The way it works is that everytime there is a failed login a listener is called to create or increment a particular key in your cache client.

All you have to do is to set up your cache client example redis and declare a particular service that the bundle expects. This service needs to implement the class LoginRecaptcha\Bundle\Client\CacheClientInterface. A Predis extension is already provided in the bundle under the name LoginRecaptcha\Bundle\Client\PredisClient. After creating your class or using the provided one declare the following service in your app/services.yml. It is very important that the service name is login_recaptcha.cache_client.

    login_recaptcha.cache_client:
        class: LoginRecaptcha\Bundle\Client\PredisClient
        arguments:
            - '@snc_redis.default'
            - '%attempts%
            - '%expiry%

In my case @snc_redis.default is my cache service. The second argument is the number of failed attempts you want to verify the reCATPCHA after and the third argument is how long you want the key to stay in your cache.

After this all you have to do is add the option always_captcha: false under form_login_captcha in your security.yml file.

form_login_captcha:
    login_path: login
    check_path: login_check
    username_parameter: "login_form[username]"
    password_parameter: "login_form[password]"
    csrf_parameter: "login_form[_token]"
    default_target_path: homepage
    google_recaptcha_secret: XXXXXXXXXXXXXXXX_XXXX_XXXXXXXXXXXXXXXXXXX
    always_captcha: false

To check on the front end whether you should be showing the reCAPTCHA widget or not you need to inject the service login_recaptcha.captcha_login_form.manager in your controller and call the function isCaptchaNeeded() which takes the $request->getClientIp(). This returns true or false which you can then pass as a variable to twig.

syspay/login-recaptcha-bundle 适用场景与选型建议

syspay/login-recaptcha-bundle 是一款 基于 PHP 开发的 Composer 扩展包,目前已累计 6.16k 次下载、GitHub Stars 达 6, 最近一次更新时间为 2018 年 03 月 07 日, 在 PHP 生态内属于活跃度较高的组件。

我们在过去多个企业项目中使用过 syspay/login-recaptcha-bundle 或与其功能相近的方案,如果你在选型或落地过程中遇到问题,例如 版本兼容、二次改造、私有化封装、与内部系统对接、生产 BUG 排查,欢迎联系我们协助评估。

围绕 syspay/login-recaptcha-bundle 我们能提供哪些服务?
定制开发 / 二次开发

基于 syspay/login-recaptcha-bundle 在你已有业务上做功能扩展、字段裁剪、UI 适配、与内部账号 / 权限 / 日志系统的深度对接。

BUG 修复 & 性能优化

线上偶发问题、内存泄漏、慢查询、并发异常等排查修复;针对高流量场景做缓存、队列、索引层面的调优。

项目外包 & 长期维护

承接完整的项目从需求 → 设计 → 开发 → 上线 → 长期运维;也可按月提供技术保姆服务。

yvsm@zunyunkeji.com QQ:316430983 微信:yvsm316 西安尊云信息科技 · 专注 PHP / Go / 分布式系统研发

统计信息

  • 总下载量: 6.16k
  • 月度下载量: 0
  • 日度下载量: 0
  • 收藏数: 6
  • 点击次数: 2
  • 依赖项目数: 0
  • 推荐数: 0

GitHub 信息

  • Stars: 6
  • Watchers: 4
  • Forks: 3
  • 开发语言: PHP

其他信息

  • 授权协议: MIT
  • 更新时间: 2018-03-07