douqilin4296 2017-04-04 11:08
浏览 55
已采纳

Symfony3授权不起作用 - 始终是错误的凭据

I'm working on login form in Symfony3 but no matter what I did, I can't authorize user and it always says that credentials are incorrect.

Some details.

Database - user table - contains below list of columns: id, first_name, last_name, username, email, password, is_admin, code, guid, secret, confirmed, created and status. Five of them are important and here they are: username, email, password, is_admin and status.

I would like to authorize users with username or email and password but also by check, if they have is_admin set to false and status set to true. I think that I missed something in my logic but I don't know what and where.

security.yml

security:
    encoders:
        AppBundle\Entity\StUser:
            algorithm: bcrypt
            cost: 12
    providers:
        our_db_provider:
            entity:
                class: AppBundle:StUser
                property: email
    firewalls:
        user_secured_area:
            pattern:   ^/([a-z]{2})/account
            form_login:
                login_path: login
                check_path: login
        user_login_area:
            anonymous: ~
            form_login:
                login_path: login
                check_path: login
                provider: our_db_provider
                username_parameter: email
                password_parameter: password
                csrf_token_generator: security.csrf.token_manager
        default:
            anonymous: ~
            http_basic: ~

login.html.twig

<form action="{{ url }}" method="post">
    <div class="field text">
        <input type="text" id="email" name="email" value="">
    </div>
    <div class="field text">
        <input type="password" id="password" name="password">
    </div>
    <div class="field hidden">
        <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
    </div>
    <div class="field button">
        <button type="submit">Login</button>
    </div>
</form>

AccountController.php

namespace AppBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;

use AppBundle\Entity\StUser;
use AppBundle\Helper\GuidHelper;
use AppBundle\Helper\EmailHelper;
use AppBundle\Helper\SecretHelper;
use AppBundle\Helper\NotificationHelper;
use AppBundle\Helper\Validation\UserActivationValidation;
use AppBundle\Helper\Validation\UserRegistrationValidation;

class AccountController extends Controller
{
    public function loginAction(Request $request)
    {
        $helper = $this->get('security.authentication_utils');
        $error = $helper->getLastAuthenticationError();

        return $this->render('account/login.html.twig', array( 'error' => $error ));
    }
}

StUser.php entity

namespace AppBundle\Entity;
use Symfony\Component\Security\Core\User\UserInterface;

class StUser implements UserInterface
{
    private $id;
    private $firstName;
    private $lastName;
    private $email;
    private $username;
    private $password;
    private $plainPassword;
    private $isAdmin = '0';
    private $code;
    private $guid;
    private $secret;
    private $confirmed;
    private $created = 'CURRENT_TIMESTAMP';
    private $status = '1';

    public function getId() { return $this->id; }
    public function setFirstName($firstName) { $this->firstName =     $firstName; return $this; }
    public function getFirstName() { return $this->firstName; }
    public function setLastName($lastName) { $this->lastName = $lastName; return $this; }
    public function getLastName() { return $this->lastName; }
    public function setEmail($email) { $this->email = $email; return $this; }
    public function getEmail() { return $this->email; }
    public function setUsername($username) { $this->username = $username; return $this; }
    public function getUsername() { return $this->username; }
    public function setPassword($password) { $this->password = $password; return $this; }
    public function getPassword() { return $this->password; }
    public function setPlainPassword($plainPassword) { $this->plainPassword = $plainPassword; return $this; }
    public function getPlainPassword() { return $this->plainPassword; }
    public function setCode($code) { $this->code = $code; return $this; }
    public function getCode() { return $this->code; }
    public function setGuid($guid) { $this->guid = $guid; return $this; }
    public function getGuid() { return $this->guid; }
    public function setSecret($secret) { $this->secret = $secret; return $this; }
    public function getSecret() { return $this->secret; }
    public function setIsAdmin($isAdmin) { $this->isAdmin = $isAdmin; return $this; }
    public function getIsAdmin() { return $this->isAdmin; }
    public function setConfirmed($confirmed) { $this->confirmed = $confirmed; return $this; }
    public function getConfirmed() { return $this->confirmed; }
    public function setCreated($created) { $this->created = $created; return $this; }
    public function getCreated() { return $this->created; }
    public function setStatus($status) { $this->status = $status; return $this; }
    public function getStatus() { return $this->status; }

    public function getRoles() { return null; }
    public function getSalt() { return null; }
    public function eraseCredentials() { }

    public function __construct($email = '', $password = '', $salt = '', $roles = array())
    {
        $this->email = $email;
        $this->password = $password;
    }
}

When I displayed sql query it looks that it checks onlt the email, nothing else.

Do I have to implement something else? Maybe UserRepository class? Or maybe my configuration is wrong?

Thanks in advance.

  • 写回答

1条回答 默认 最新

  • dtxw20878 2017-04-04 21:43
    关注

    I see some strange differences with my security.yml. Look and find:

    security:

    encoders:
        AppBundle\Entity\User:
            algorithm: bcrypt
            cost: 12

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        our_db_provider:
            entity:
                class: AppBundle:User
                property: email

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            anonymous: ~
            pattern:    ^/
            provider: our_db_provider
            form_login:
                login_path: /login
                check_path: /login_check
                csrf_token_generator: security.csrf.token_manager       # FOR SYMFONY 2.7 OR BELOW USE:   csrf_provider: security.csrf.token_manager
            logout:
                path:   /logout
                target: /

    access_control:
        # require ROLE_ADMIN for /admin*
        - { path: ^/admin, roles: ROLE_ADMIN }
    本回答被题主选为最佳回答 , 对您是否有帮助呢?
    评论

报告相同问题?

悬赏问题

  • ¥15 多电路系统共用电源的串扰问题
  • ¥15 slam rangenet++配置
  • ¥15 有没有研究水声通信方面的帮我改俩matlab代码
  • ¥15 对于相关问题的求解与代码
  • ¥15 ubuntu子系统密码忘记
  • ¥15 信号傅里叶变换在matlab上遇到的小问题请求帮助
  • ¥15 保护模式-系统加载-段寄存器
  • ¥15 电脑桌面设定一个区域禁止鼠标操作
  • ¥15 求NPF226060磁芯的详细资料
  • ¥15 使用R语言marginaleffects包进行边际效应图绘制