I'd like to disallow access to /login
and /register
if a client's IP address has been banned.
The (black-) list of banned IPs is stored in the database.
How can I solve this?
Since symfony 2.4 you can use the Expression Language Component in your config-files.
Now implementing a simple IP check is easy:
access_manager
) with a method (i.e. getBannedIPs()
) that fetches the list of banned IPs from your storage layer# app/config/security.yml
security:
# ...
access_control:
- path: ^/(login|register)$
allow_if: "request.getClientIp() not in @=service('access_manager').getBannedIPs()"
You can subscribe to events on registration controller.
For registration, you can subscribe to REGISTRATION_INITIALIZE
event.
Here is the doc for controller events.
The second solution is to override login and register controller methods but you will have to duplicate all code of the login/register action.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With