symfony 2 中的登录系统
Login system in symfony 2
我试图在 symfony2 中创建一个身份验证系统但没有结果。在我遇到的所有情况的调试状态栏中:记录为匿名。
如果我在视图中转储会话,我得到:
"_security.last_error" => BadCredentialsException
我的路由文件:
shop_show_login_page:
path: /login
defaults: { _controller: ShopDesktopBundle:User:loginPage }
shop_login_user:
path: /loginUser
defaults: { _controller: ShopDesktopBundle:User:loginCheck }
shop_logout_user:
path: /logout
我的控制器:
class UserController extends Controller{
public function loginPageAction(){
return $this->render('ShopDesktopBundle:User:loginPage.html.twig');
}
public function loginCheckAction(){
$request = $this->getRequest();
$password = $request->request->get('_password');
$login = $request->request->get('_username');
$em = $this->getDoctrine()->getEntityManager();
$repository = $em->getRepository('ShopDesktopBundle:Customer');
$user = $repository->findOneBy(array('customer_login'=> $login, 'customer_password'=> $password));
if($user){
return $this->redirect($this->generateUrl('shop_desktop_homepage'));
}else{
return $this->render('ShopDesktopBundle:User:loginPage.html.twig',array('message_failed' => 'Eroare : login sau password este gresit'));
}
}
}
我的看法:
<form action="{{ path('shop_login_user') }}" method="post">
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-user"></i></span>
<input type="text" class="form-control" placeholder="Username" name="_username">
</div>
</div>
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-lock"></i></span>
<input type="text" class="form-control" placeholder="Password" name="_password">
</div>
</div>
<div class="form-group">
<button type="submit" class="button">Autentificare</button>
</div>
</form>
Security.yml :
security:
# http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
encoders:
Symfony\Component\Security\Core\User\User: plaintext
# http://symfony.com/doc/current/book/security.html#hierarchical-roles
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
secured_area:
pattern: ^/
form_login:
check_path: shop_login_user
login_path: shop_show_login_page
username_parameter: _username
password_parameter: _password
logout:
invalidate_session: true
path: shop_logout_user
target: /
anonymous: true
#http_basic:
# realm: "Secured Demo Area"
# with these settings you can restrict or allow access for different parts
# of your application based on roles, ip, host or methods
# http://symfony.com/doc/current/cookbook/security/access_control.html
access_control:
#- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
我用了好几天都没有结果。请帮帮我!!!提前致谢
我认为问题在于,您还没有更新 user providers 在 security.yml 中,您仍然有一个由in_memory 用户提供商。安全系统不知道你自己classShopDesktopBundle:Customer.
如果您按照“How to Create a custom User Provider”上的食谱进行操作,您应该可以通过以下方式解决它:
更新您的用户 class
您的用户 class Customer 必须实施 UserInterface (and also recommended EquatableInterface)
class Customer implements UserInterface, EquatableInterface { […] }
添加用户提供者
您必须创建一个 UserProvider,例如:
class CustomerUserProvider implements UserProviderInterface {
public function loadUserByUsername($username) { […]}
public function refreshUser(UserInterface $user) { […] }
public function supportsClass($class) {
return $class === 'Shop\DesktopBundle\Customer';
}
}
在security.yml
中创建服务并更新user_provider
最后在您的 service.yml 中创建一个服务,例如:
services:
customer_user_provider:
class: Shop\DesktopBundle\CustomerUserProvider
并更新 security.yml 如:
security:
providers:
webservice:
id: customer_user_provider
我试图在 symfony2 中创建一个身份验证系统但没有结果。在我遇到的所有情况的调试状态栏中:记录为匿名。
如果我在视图中转储会话,我得到:
"_security.last_error" => BadCredentialsException
我的路由文件:
shop_show_login_page:
path: /login
defaults: { _controller: ShopDesktopBundle:User:loginPage }
shop_login_user:
path: /loginUser
defaults: { _controller: ShopDesktopBundle:User:loginCheck }
shop_logout_user:
path: /logout
我的控制器:
class UserController extends Controller{
public function loginPageAction(){
return $this->render('ShopDesktopBundle:User:loginPage.html.twig');
}
public function loginCheckAction(){
$request = $this->getRequest();
$password = $request->request->get('_password');
$login = $request->request->get('_username');
$em = $this->getDoctrine()->getEntityManager();
$repository = $em->getRepository('ShopDesktopBundle:Customer');
$user = $repository->findOneBy(array('customer_login'=> $login, 'customer_password'=> $password));
if($user){
return $this->redirect($this->generateUrl('shop_desktop_homepage'));
}else{
return $this->render('ShopDesktopBundle:User:loginPage.html.twig',array('message_failed' => 'Eroare : login sau password este gresit'));
}
}
}
我的看法:
<form action="{{ path('shop_login_user') }}" method="post">
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-user"></i></span>
<input type="text" class="form-control" placeholder="Username" name="_username">
</div>
</div>
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-lock"></i></span>
<input type="text" class="form-control" placeholder="Password" name="_password">
</div>
</div>
<div class="form-group">
<button type="submit" class="button">Autentificare</button>
</div>
</form>
Security.yml :
security:
# http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
encoders:
Symfony\Component\Security\Core\User\User: plaintext
# http://symfony.com/doc/current/book/security.html#hierarchical-roles
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
secured_area:
pattern: ^/
form_login:
check_path: shop_login_user
login_path: shop_show_login_page
username_parameter: _username
password_parameter: _password
logout:
invalidate_session: true
path: shop_logout_user
target: /
anonymous: true
#http_basic:
# realm: "Secured Demo Area"
# with these settings you can restrict or allow access for different parts
# of your application based on roles, ip, host or methods
# http://symfony.com/doc/current/cookbook/security/access_control.html
access_control:
#- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
我用了好几天都没有结果。请帮帮我!!!提前致谢
我认为问题在于,您还没有更新 user providers 在 security.yml 中,您仍然有一个由in_memory 用户提供商。安全系统不知道你自己classShopDesktopBundle:Customer.
如果您按照“How to Create a custom User Provider”上的食谱进行操作,您应该可以通过以下方式解决它:
更新您的用户 class
您的用户 class Customer 必须实施 UserInterface (and also recommended EquatableInterface)
class Customer implements UserInterface, EquatableInterface { […] }
添加用户提供者
您必须创建一个 UserProvider,例如:
class CustomerUserProvider implements UserProviderInterface {
public function loadUserByUsername($username) { […]}
public function refreshUser(UserInterface $user) { […] }
public function supportsClass($class) {
return $class === 'Shop\DesktopBundle\Customer';
}
}
在security.yml
中创建服务并更新user_provider
最后在您的 service.yml 中创建一个服务,例如:
services:
customer_user_provider:
class: Shop\DesktopBundle\CustomerUserProvider
并更新 security.yml 如:
security:
providers:
webservice:
id: customer_user_provider