douzhan1238 2014-11-07 22:14
浏览 99
已采纳

Symfony 2.3登录表单未进行身份验证

I'm trying to implement a rather basic login form with Symfony2.3, but I'm running into an error where I'm sometimes redirected to the expected page after providing correct credentials, but sometimes not (instead I'm just redirected back to the login page). Here is my security.yml file:

security:
    encoders:
        Symfony\Component\Security\Core\User\User: plaintext
        Acme\MyBundle\Entity\User: sha512
    providers:
        main:
            id: acme.user.provider
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        login_firewall:
            pattern: ^/login$
            security: false
        secured_area:
            pattern: ^/
            form_login: ~
            logout:
                path:   /logout
                target: /
    access_control:
        - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
        - { path: ^/, roles: ROLE_USER, requires_channel: https }

Here is my SecurityController:

<?php

namespace Acme\MyBundle\Controller;

use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Core\SecurityContextInterface;

/**
 * Class SecurityController
 * @package Acme\MyBundle\Controller
 *
 * @Route("/")
 */
class SecurityController extends Controller
{
    /**
     * @param Request $request
     * @return \Symfony\Component\HttpFoundation\Response
     *
     * @Route("/login", requirements={"_scheme" = "https"}, path="login")
     */
    public function LoginAction(Request $request)
    {
        $session = $request->getSession();

        // get the login error if there is one
        if ($request->attributes->has(SecurityContextInterface::AUTHENTICATION_ERROR)) {
            $error = $request->attributes->get(
                SecurityContextInterface::AUTHENTICATION_ERROR
            );
        } elseif (null !== $session && $session->has(SecurityContextInterface::AUTHENTICATION_ERROR)) {
            $error = $session->get(SecurityContextInterface::AUTHENTICATION_ERROR);
            $session->remove(SecurityContextInterface::AUTHENTICATION_ERROR);
        } else {
            $error = '';
        }

        // last username entered by the user
        $lastUsername = (null === $session) ? '' : $session->get(SecurityContextInterface::LAST_USERNAME);

        return $this->render(
            'AcmeMyBundle:Security:login.html.twig',
            array(
                // last username entered by the user
                'last_username' => $lastUsername,
                'error'         => $error,
            )
        );
    }

    /**
     * @Route("/login_check", requirements={"_scheme" = "https"}, path="login_check")
     */
    public function LoginCheckAction()
    {

    }

    /**
     * @Route("/logout", requirements={"_scheme" = "https"}, path="logout")
     */
    public function LogoutAction()
    {

    }
}

And here is my bundle's routing.yml file:

_security:
    resource: "@AcmeMyBundle/Controller/SecurityController.php"
    type: annotation

When I provide the proper credentials, I'm correctly logged in / redirected to the given URL about 20% of the time. The other 80% of the time I'm just redirected back to the form login page with no error message. I also don't see any error message when I try to login with incorrect credentials.

UPDATE: It looks like the issue is that Symfony is creating more than one session in my database on each request. I am using the pdo handler.

  • 写回答

2条回答 默认 最新

  • dongxun7962 2014-11-10 14:44
    关注

    Turns out the issue was actually with the Session entity / table in which I was storing my session. I was using the PDOSessionHandler to store sessions in the database, and had the following $id in my ORM Session entity:

    <?php
    
    namespace Acme\MyBundle\Entity;
    
    use Doctrine\ORM\Mapping as ORM;
    
    /**
     * Session
     *
     * @ORM\Table()
     * @ORM\Entity
     */
    class Session
    {
        /**
         * @var integer
         *
         * @ORM\Column(name="id", type="integer")
         * @ORM\Id
         * @ORM\GeneratedValue(strategy="AUTO")
         */
        private $id;
    

    The $id should not have been of type integer, but (obviously (-_-) of type string. After changing the property to:

    /**
     * @var integer
     *
     * @ORM\Column(type="string", length=255)
     * @ORM\Id
     */
    private $id;
    

    and running php app/console doctrine:schema:update --force, everything appears to be working correctly.

    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论
查看更多回答(1条)

报告相同问题?

悬赏问题

  • ¥30 51单片机C语言数码管驱动单片机为AT89C52
  • ¥100 只改动本课件的 cal_portfolio_weight_series(decision_date), 跑完本课件。设计一个信息比率尽量高的策略。
  • ¥20 如何在visual studio 2022中添加ImageMagick库
  • ¥50 如何实现uniapp编译的微信小程序做可回溯视频
  • ¥15 求Houdini使用行家,付费。价格面议。
  • ¥15 前端高拍仪调用问题报错
  • ¥15 想用octave解决这个数学问题
  • ¥15 Centos新建的临时ip无法上网,如何解决?
  • ¥15 海康威视如何实现客户端软件对设备语音请求的处理。
  • ¥15 支付宝h5参数如何实现跳转