Symfony3 authorization doesn't work - always wrong credentials

I am working on a login form in Symfony3, but no matter what I do I cannot authorize the user, and it always says the credentials are incorrect.

Some details.

Database - users table - has the following list of columns: id, first_name, last_name, username, email, password, is_admin, code, guid, secret, confirmed, created and status. Five of them are important, here they are: username, email, password, is_admin, status.

I would like to authorize users by username or email and password, but also by checking whether they have is_admin set to false and status set to true. I think I am missing something in my logic, but I don't know what and where.

security.yml

security:
    encoders:
        AppBundle\Entity\StUser:
            algorithm: bcrypt
            cost: 12
    providers:
        our_db_provider:
            entity:
                class: AppBundle:StUser
                property: email
    firewalls:
        user_secured_area:
            pattern:   ^/([a-z]{2})/account
            form_login:
                login_path: login
                check_path: login
        user_login_area:
            anonymous: ~
            form_login:
                login_path: login
                check_path: login
                provider: our_db_provider
                username_parameter: email
                password_parameter: password
                csrf_token_generator: security.csrf.token_manager
        default:
            anonymous: ~
            http_basic: ~

login.html.twig

<form action="{{ path('login') }}" method="post">
    <div class="field text">
        <input type="text" id="email" name="email" value="">
    </div>
    <div class="field text">
        <input type="password" id="password" name="password">
    </div>
    <div class="field hidden">
        <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
    </div>
    <div class="field button">
        <button type="submit">Login</button>
    </div>
</form>

AccountController.php

namespace AppBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;

use AppBundle\Entity\StUser;
use AppBundle\Helper\GuidHelper;
use AppBundle\Helper\EmailHelper;
use AppBundle\Helper\SecretHelper;
use AppBundle\Helper\NotificationHelper;
use AppBundle\Helper\Validation\UserActivationValidation;
use AppBundle\Helper\Validation\UserRegistrationValidation;

class AccountController extends Controller
{
    public function loginAction(Request $request)
    {
        $helper = $this->get('security.authentication_utils');
        $error = $helper->getLastAuthenticationError();

        return $this->render('account/login.html.twig', array( 'error' => $error ));
    }
}

StUser.php (entity)

namespace AppBundle\Entity;
use Symfony\Component\Security\Core\User\UserInterface;

class StUser implements UserInterface
{
    private $id;
    private $firstName;
    private $lastName;
    private $email;
    private $username;
    private $password;
    private $plainPassword;
    private $isAdmin = '0';
    private $code;
    private $guid;
    private $secret;
    private $confirmed;
    private $created = 'CURRENT_TIMESTAMP';
    private $status = '1';

    public function getId() { return $this->id; }
    public function setFirstName($firstName) { $this->firstName = $firstName; return $this; }
    public function getFirstName() { return $this->firstName; }
    public function setLastName($lastName) { $this->lastName = $lastName; return $this; }
    public function getLastName() { return $this->lastName; }
    public function setEmail($email) { $this->email = $email; return $this; }
    public function getEmail() { return $this->email; }
    public function setUsername($username) { $this->username = $username; return $this; }
    public function getUsername() { return $this->username; }
    public function setPassword($password) { $this->password = $password; return $this; }
    public function getPassword() { return $this->password; }
    public function setPlainPassword($plainPassword) { $this->plainPassword = $plainPassword; return $this; }
    public function getPlainPassword() { return $this->plainPassword; }
    public function setCode($code) { $this->code = $code; return $this; }
    public function getCode() { return $this->code; }
    public function setGuid($guid) { $this->guid = $guid; return $this; }
    public function getGuid() { return $this->guid; }
    public function setSecret($secret) { $this->secret = $secret; return $this; }
    public function getSecret() { return $this->secret; }
    public function setIsAdmin($isAdmin) { $this->isAdmin = $isAdmin; return $this; }
    public function getIsAdmin() { return $this->isAdmin; }
    public function setConfirmed($confirmed) { $this->confirmed = $confirmed; return $this; }
    public function getConfirmed() { return $this->confirmed; }
    public function setCreated($created) { $this->created = $created; return $this; }
    public function getCreated() { return $this->created; }
    public function setStatus($status) { $this->status = $status; return $this; }
    public function getStatus() { return $this->status; }

    // UserInterface::getRoles() must return an array of role strings, never null.
    // UsernamePasswordToken is only marked authenticated when it carries at least
    // one role, so an empty result leaves the user logged out after a "successful" login.
    public function getRoles()
    {
        $roles = array('ROLE_USER');
        if ($this->isAdmin) {
            $roles[] = 'ROLE_ADMIN';
        }
        return $roles;
    }
    public function getSalt() { return null; }
    public function eraseCredentials() { }

    public function __construct($email = '', $password = '', $salt = '', $roles = array())
    {
        $this->email = $email;
        $this->password = $password;
    }
}

When I dump the SQL query, it looks like it only checks the email, nothing else.

Do I need to do anything else? Maybe a UserRepository class? Or is my configuration wrong?

Thanks in advance.

I found some strange differences in my security.yml. Take a look:

security:

    encoders:
        AppBundle\Entity\User:
            algorithm: bcrypt
            cost: 12

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: ROLE_ADMIN

    providers:
        our_db_provider:
            entity:
                class: AppBundle:User
                property: email

    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            anonymous: ~
            pattern:    ^/
            provider: our_db_provider
            form_login:
                login_path: /login
                check_path: /login_check
                csrf_token_generator: security.csrf.token_manager       # FOR SYMFONY 2.7 OR BELOW USE:   csrf_provider: security.csrf.token_manager
            logout:
                path:   /logout
                target: /

    access_control:
        # require ROLE_ADMIN for /admin*
        - { path: ^/admin, roles: ROLE_ADMIN }
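Added example (not part of the question): a security.yml that keeps the login form and the protected account pages on one firewall. Two things in the first configuration posted above are worth checking against it. The `user_secured_area` firewall matches `^/([a-z]{2})/account` before any other firewall, and its `form_login` sets no `username_parameter`/`password_parameter`, so any login POST landing there is read from the default `_username`/`_password` fields while the form posts `email`/`password`. And even when the POST reaches `user_login_area`, a token authenticated by one firewall is stored in that firewall's own security context, so `user_secured_area` never sees it unless both share a `context`. The two configurations also name different entity classes (`StUser` vs `User`); the encoder must match the class actually used. The route names `login`/`logout`, the login URL under the locale prefix and the service ids `app.user_provider`/`app.user_checker` are assumptions; the provider and checker they point at are ordinary `UserProviderInterface`/`UserCheckerInterface` services you write yourself.

```yaml
# app/config/security.yml (added example; services may live in services.yml instead)
security:
    encoders:
        # must be the class the provider returns (StUser here, not User)
        AppBundle\Entity\StUser:
            algorithm: bcrypt
            cost: 12

    role_hierarchy:
        ROLE_ADMIN: ROLE_USER

    providers:
        our_db_provider:
            # custom provider so the lookup can match username OR email
            # (service id is an assumption, see services below)
            id: app.user_provider

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        # one firewall for the login form AND the account pages, so the
        # authenticated token is stored in the same security context
        main:
            pattern: ^/
            anonymous: ~
            provider: our_db_provider
            # enforces the "status" column before the password is checked
            user_checker: app.user_checker
            form_login:
                login_path: login
                check_path: login
                # must match the <input name="..."> values in login.html.twig
                username_parameter: email
                password_parameter: password
                # must match the hidden field and the csrf_token('authenticate') call
                csrf_parameter: _csrf_token
                csrf_token_id: authenticate
                csrf_token_generator: security.csrf.token_manager
            logout:
                path: logout
                target: /

    access_control:
        # the login page itself must stay reachable anonymously (path assumed)
        - { path: ^/[a-z]{2}/account/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/[a-z]{2}/account, roles: ROLE_USER }
        - { path: ^/admin, roles: ROLE_ADMIN }

# app/config/services.yml (added example)
services:
    app.user_provider:
        class: AppBundle\Security\StUserProvider
        arguments: ['@doctrine.orm.entity_manager']
    app.user_checker:
        class: AppBundle\Security\StUserChecker
```

With a single firewall, `form_login` can keep `check_path` equal to `login_path`; what matters is that the POST is handled by the same firewall that protects `/{locale}/account`, and that the parameter names match the form.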
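Added example (not code from the question): the provider and checker services behind a `providers: our_db_provider: id: app.user_provider` entry. The built-in `entity` provider with `property: email` can only ever query one column, which is why the dumped SQL checks nothing but the email; matching username or email needs a custom `UserProviderInterface`. The `status` rule belongs in a `UserCheckerInterface` wired with the firewall's `user_checker` option, where a failure surfaces as an account-status error instead of "Bad credentials". The password is deliberately not part of the query: Symfony's DaoAuthenticationProvider compares the submitted password against `getPassword()` with the configured bcrypt encoder. Assumptions: the entity is `AppBundle\Entity\StUser` with the getters shown above, `status` is stored as `'0'`/`'1'`, and the two classes live in separate files under `src/AppBundle/Security/`.

```php
<?php
// Added example (not from the question). Two classes shown in one listing;
// put each in its own file under src/AppBundle/Security/.
namespace AppBundle\Security;

use AppBundle\Entity\StUser;
use Doctrine\ORM\EntityManagerInterface;
use Symfony\Component\Security\Core\Exception\DisabledException;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\User\UserCheckerInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;

class StUserProvider implements UserProviderInterface
{
    private $em;

    public function __construct(EntityManagerInterface $em)
    {
        $this->em = $em;
    }

    // Receives whatever the form posted in the "email" field and matches it
    // against both columns. No password filtering here: the authentication
    // provider verifies the password against getPassword() with bcrypt.
    public function loadUserByUsername($identifier)
    {
        $users = $this->em->createQueryBuilder()
            ->select('u')
            ->from(StUser::class, 'u')
            ->where('u.username = :id OR u.email = :id')
            ->setParameter('id', $identifier)
            ->getQuery()
            ->getResult();

        // Exactly one account must match. If one user's username equals another
        // user's email, refuse instead of picking one of them arbitrarily.
        if (1 !== count($users)) {
            throw new UsernameNotFoundException(sprintf('No unique account for "%s".', $identifier));
        }

        return $users[0];
    }

    // Called on every later request to reload the user kept in the session.
    public function refreshUser(UserInterface $user)
    {
        if (!$user instanceof StUser) {
            throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
        }

        $fresh = $this->em->find(StUser::class, $user->getId());
        if (null === $fresh) {
            throw new UsernameNotFoundException(sprintf('User %d no longer exists.', $user->getId()));
        }

        return $fresh;
    }

    public function supportsClass($class)
    {
        return StUser::class === $class || is_subclass_of($class, StUser::class);
    }
}

class StUserChecker implements UserCheckerInterface
{
    // Runs before the password is verified. DisabledException is an
    // AccountStatusException, so it is reported as such, not as bad credentials.
    public function checkPreAuth(UserInterface $user)
    {
        if (!$user instanceof StUser) {
            return;
        }

        // status is stored as '0'/'1' in the question's entity (assumption)
        if (!(bool) $user->getStatus()) {
            throw new DisabledException('Account is not active.');
        }
    }

    public function checkPostAuth(UserInterface $user)
    {
        // nothing further to verify after the password check
    }
}
```

`UsernameNotFoundException` is still shown to the visitor as "Bad credentials" because `hide_user_not_found` defaults to true, which is the behaviour you want: the login form should not reveal which identifiers exist. The `is_admin` column is mapped to `ROLE_ADMIN` by the entity's `getRoles()`; if admins must be refused on this form rather than merely given extra roles, `checkPreAuth()` is the place to throw for them as well.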