I'm working on a login form in Symfony 3, but no matter what I do, I can't authenticate the user; it always says that the credentials are incorrect.
Some details.
Database - the user table contains the following columns: id, first_name, last_name, username, email, password, is_admin, code, guid, secret, confirmed, created and status. Five of them are important here: username, email, password, is_admin and status.
I would like to authenticate users by username or email plus password, and additionally check that they have is_admin set to false and status set to true. I think I missed something in my logic, but I don't know what or where.
security.yml
# Security configuration as posted. Indentation was lost on this page, so the
# nesting of some keys (for example `provider`) cannot be confirmed from the listing.
security:
encoders:
# StUser passwords are verified against bcrypt hashes at cost 12. A bcrypt hash is
# 60 characters long. NOTE(review): confirm the password column stores it untruncated
# and that the stored values were produced by this encoder; otherwise every login
# fails with a bad-credentials error even when the user row is found.
AppBundle\Entity\StUser:
algorithm: bcrypt
cost: 12
providers:
our_db_provider:
entity:
class: AppBundle:StUser
# The entity provider loads the user by this single property. The password is
# compared in PHP after the row is loaded, so it never appears in the SQL query.
# is_admin and status are not consulted anywhere in this configuration.
property: email
firewalls:
# The first firewall whose pattern matches the request handles it.
user_secured_area:
pattern: ^/([a-z]{2})/account
# No username_parameter/password_parameter, provider or anonymous access is set for this
# firewall, so a login handled here reads the framework-default field names, not
# `email`/`password`. NOTE(review): check which firewall the `login` route falls under.
form_login:
login_path: login
check_path: login
# No pattern is given, so this firewall matches every request not caught above.
user_login_area:
anonymous: ~
form_login:
login_path: login
check_path: login
provider: our_db_provider
# These two names must match the `name` attributes of the login form inputs.
username_parameter: email
password_parameter: password
# Enables CSRF validation of the login POST; the form must send a matching token.
csrf_token_generator: security.csrf.token_manager
# Presumably never selected, because the pattern-less firewall above already matches
# all remaining requests.
default:
anonymous: ~
http_basic: ~
login.html.twig
{#
    Login form posted to the form_login listener.
    - The input names `email` and `password` must match username_parameter and
      password_parameter of the firewall that handles the request.
    - `_csrf_token` with the id 'authenticate' is validated when the firewall has
      csrf_token_generator configured.
    - NOTE(review): the controller shown on this page passes only `error` to the
      template, so `url` is presumably defined elsewhere; if it is empty, the form
      posts to the current URL rather than to check_path.
    - The `error` variable is not rendered in this excerpt.
#}
<form action="{{ url }}" method="post">
<div class="field text">
<input type="text" id="email" name="email" value="">
</div>
<div class="field text">
<input type="password" id="password" name="password">
</div>
<div class="field hidden">
<input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
</div>
<div class="field button">
<button type="submit">Login</button>
</div>
</form>
AccountController.php
namespace AppBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use AppBundle\Entity\StUser;
use AppBundle\Helper\GuidHelper;
use AppBundle\Helper\EmailHelper;
use AppBundle\Helper\SecretHelper;
use AppBundle\Helper\NotificationHelper;
use AppBundle\Helper\Validation\UserActivationValidation;
use AppBundle\Helper\Validation\UserRegistrationValidation;
/**
 * Account pages for end users.
 */
class AccountController extends Controller
{
    /**
     * Renders the login page.
     *
     * This action only displays the form and the error left by the previous
     * attempt. It does not check the submitted credentials itself.
     *
     * @param Request $request Current request (not read by this action).
     *
     * @return \Symfony\Component\HttpFoundation\Response
     */
    public function loginAction(Request $request)
    {
        $authenticationUtils = $this->get('security.authentication_utils');

        return $this->render('account/login.html.twig', array(
            'error' => $authenticationUtils->getLastAuthenticationError(),
        ));
    }
}
StUser.php entity
namespace AppBundle\Entity;
use Symfony\Component\Security\Core\User\UserInterface;
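/**
 * User account entity handed to the security component.
 *
 * This class only carries data. It does not reject accounts by itself: the
 * isAdmin and status flags are plain properties and nothing here stops a
 * disabled or admin account from authenticating. Such checks belong in a user
 * checker or in AdvancedUserInterface::isEnabled(), not in the login query.
 *
 * NOTE(review): the class does not implement \Serializable, so when the
 * authenticated user is stored in the session every property is presumably
 * serialized with it, including the password hash, secret and code.
 */
class StUser implements UserInterface
{
    private $id;
    private $firstName;
    private $lastName;
    private $email;
    private $username;
    // Encoded password hash as stored in the database.
    private $password;
    // Clear-text password held only in memory; wiped by eraseCredentials().
    private $plainPassword;
    private $isAdmin = '0';
    private $code;
    private $guid;
    private $secret;
    private $confirmed;
    private $created = 'CURRENT_TIMESTAMP';
    private $status = '1';

    /**
     * @param string $email    Login e-mail address.
     * @param string $password Encoded password hash.
     * @param string $salt     Accepted for signature compatibility; not stored.
     * @param array  $roles    Accepted for signature compatibility; not stored.
     */
    public function __construct($email = '', $password = '', $salt = '', $roles = array())
    {
        $this->email = $email;
        $this->password = $password;
    }

    // Plain accessors: setters return $this so calls can be chained.
    public function getId() { return $this->id; }
    public function setFirstName($firstName) { $this->firstName = $firstName; return $this; }
    public function getFirstName() { return $this->firstName; }
    public function setLastName($lastName) { $this->lastName = $lastName; return $this; }
    public function getLastName() { return $this->lastName; }
    public function setEmail($email) { $this->email = $email; return $this; }
    public function getEmail() { return $this->email; }
    public function setUsername($username) { $this->username = $username; return $this; }
    public function getUsername() { return $this->username; }
    public function setPassword($password) { $this->password = $password; return $this; }
    public function getPassword() { return $this->password; }
    public function setPlainPassword($plainPassword) { $this->plainPassword = $plainPassword; return $this; }
    public function getPlainPassword() { return $this->plainPassword; }
    public function setCode($code) { $this->code = $code; return $this; }
    public function getCode() { return $this->code; }
    public function setGuid($guid) { $this->guid = $guid; return $this; }
    public function getGuid() { return $this->guid; }
    public function setSecret($secret) { $this->secret = $secret; return $this; }
    public function getSecret() { return $this->secret; }
    public function setIsAdmin($isAdmin) { $this->isAdmin = $isAdmin; return $this; }
    public function getIsAdmin() { return $this->isAdmin; }
    public function setConfirmed($confirmed) { $this->confirmed = $confirmed; return $this; }
    public function getConfirmed() { return $this->confirmed; }
    public function setCreated($created) { $this->created = $created; return $this; }
    public function getCreated() { return $this->created; }
    public function setStatus($status) { $this->status = $status; return $this; }
    public function getStatus() { return $this->status; }

    /**
     * Roles granted to the user.
     *
     * UserInterface requires an array here. Returning null leaves the security
     * token without roles, and a token without roles is not treated as
     * authenticated. isAdmin is deliberately not mapped to a role; add that
     * mapping explicitly if admin-only areas are introduced.
     *
     * @return string[]
     */
    public function getRoles()
    {
        return array('ROLE_USER');
    }

    /**
     * No separate salt: bcrypt embeds the salt in the stored hash.
     *
     * @return null
     */
    public function getSalt()
    {
        return null;
    }

    /**
     * Drops the clear-text password so it does not outlive authentication
     * or get written to the session with the rest of the object.
     */
    public function eraseCredentials()
    {
        $this->plainPassword = null;
    }
}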
When I displayed the SQL query, it looks like it checks only the email, nothing else.
Do I have to implement something else? Maybe UserRepository class? Or maybe my configuration is wrong?
Thanks in advance.