Symfony 2.6 安全 BCryptPasswordEncoder 错误
Symfony 2.6 security BCryptPasswordEncoder error
我正在使用 Symfony 2.6、PHP 5.4 和 MySQL 5.6 以及 Twig 开发网络应用程序。我也在使用 YAML 和 bcrypt
目前我正在开发一个登录表单,我遵循了 Symfony2 Tutorial 但是当我测试网络应用程序时我收到了这个错误:
Warning: password_verify() expects parameter 2 to be string, resource given
Stack Trace in vendor/symfony/symfony/src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php at line 89 -
public function isPasswordValid($encoded, $raw, $salt)
{
return !$this->isPasswordTooLong($raw) && password_verify($raw, $encoded);
}
}
这是相关代码:
Security.xml
security:
encoders:
InterempleaBundle\Entity\Usuario:
algorithm: bcrypt
cost: 12
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
mysql_db_provider:
entity:
class: InterempleaBundle:Usuario
property: email
firewalls:
admin_area:
pattern: ^/IniciaSesion
http_basic: ~
provider: mysql_db_provider
form_login:
login_path: index
check_path: /IniciaSesion/login_check
failure_path: index
access_control:
- { path: ^/IniciaSesion, roles: ROLE_ADMIN }
Entity\Usuario.php(用户实体)
class Usuario implements UserInterface, \Serializable {
/**
* @var string
*/
private $email;
/**
* @var string
*/
private $contrasena;
/**
* @var \DateTime
*/
private $fechaultimoacceso;
/**
* @var string
*/
private $imagenperfil;
/**
* @var integer
*/
private $id;
/**
* Set email
*
* @param string $email
* @return Usuario
*/
public function setEmail($email) {
$this->email = $email;
return $this;
}
/**
* Get email
*
* @return string
*/
public function getEmail() {
return $this->email;
}
/**
* Set contrasena
*
* @param string $contrasena
* @return Usuario
*/
public function setContrasena($contrasena) {
$this->contrasena = $contrasena;
return $this;
}
/**
* Get contrasena
*
* @return string
*/
public function getContrasena() {
return $this->contrasena;
}
/**
* Set fechaultimoacceso
*
* @param \DateTime $fechaultimoacceso
* @return Usuario
*/
public function setFechaultimoacceso($fechaultimoacceso) {
$this->fechaultimoacceso = $fechaultimoacceso;
return $this;
}
/**
* Get fechaultimoacceso
*
* @return \DateTime
*/
public function getFechaultimoacceso() {
return $this->fechaultimoacceso;
}
/**
* Set imagenperfil
*
* @param string $imagenperfil
* @return Usuario
*/
public function setImagenperfil($imagenperfil) {
$this->imagenperfil = $imagenperfil;
return $this;
}
/**
* Get imagenperfil
*
* @return string
*/
public function getImagenperfil() {
return $this->imagenperfil;
}
/**
* Get id
*
* @return integer
*/
public function getId() {
return $this->id;
}
public function serialize() {
return serialize(array(
$this->id,
$this->email,
$this->contrasena,
// see section on salt below
// $this->salt,
));
}
public function unserialize($serialized) {
list (
$this->id,
$this->email,
$this->contrasena,
// see section on salt below
// $this->salt
) = unserialize($serialized);
}
public function eraseCredentials() {
}
public function getPassword() {
return $this->contrasena;
}
public function getRoles() {
return array('ROLE_ADMIN');
}
public function getSalt() {
return null;
}
public function getUsername() {
return $this->email;
}
}
LoginAction 在 SecurityController
中
...
public function loginAction() {
$authenticationUtils = $this->get('security.authentication_utils');
// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
// last username entered by the user
$lastUsername = $authenticationUtils->getLastUsername();
$repositorioUsuario = $this->getDoctrine()->getRepository('InterempleaBundle:Usuario');
$usuario = $repositorioUsuario->loadUserByUsername($lastUsername);
return $this->render(
'InterempleaBundle:Usuario:panel_principal.html.twig', array(
// last username entered by the user
'last_username' => $usuario->id,
'error' => $error,
)
);
}
...
我对实体内部的 salt 属性表示怀疑,但教程说它必须为 null。
这会发生什么?我错过了一些步骤吗?
随时询问任何其他代码或解释。
提前致谢!
按照@Martin Rios 的建议,我检查了 $encoded
变量的内容,我意识到在 Symfony2 教程 中,数据库中的密码字段是 varchar(64) 而我有一个 binary(64) 。所以我将数据类型更改为密码字段,使用 Doctrine 命令重新生成实体,清理缓存并且成功了!
我正在使用 Symfony 2.6、PHP 5.4 和 MySQL 5.6 以及 Twig 开发网络应用程序。我也在使用 YAML 和 bcrypt
目前我正在开发一个登录表单,我遵循了 Symfony2 Tutorial 但是当我测试网络应用程序时我收到了这个错误:
Warning: password_verify() expects parameter 2 to be string, resource given
Stack Trace in vendor/symfony/symfony/src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php at line 89 -
public function isPasswordValid($encoded, $raw, $salt)
{
return !$this->isPasswordTooLong($raw) && password_verify($raw, $encoded);
}
}
这是相关代码: Security.xml
security:
encoders:
InterempleaBundle\Entity\Usuario:
algorithm: bcrypt
cost: 12
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
mysql_db_provider:
entity:
class: InterempleaBundle:Usuario
property: email
firewalls:
admin_area:
pattern: ^/IniciaSesion
http_basic: ~
provider: mysql_db_provider
form_login:
login_path: index
check_path: /IniciaSesion/login_check
failure_path: index
access_control:
- { path: ^/IniciaSesion, roles: ROLE_ADMIN }
Entity\Usuario.php(用户实体)
class Usuario implements UserInterface, \Serializable {
/**
* @var string
*/
private $email;
/**
* @var string
*/
private $contrasena;
/**
* @var \DateTime
*/
private $fechaultimoacceso;
/**
* @var string
*/
private $imagenperfil;
/**
* @var integer
*/
private $id;
/**
* Set email
*
* @param string $email
* @return Usuario
*/
public function setEmail($email) {
$this->email = $email;
return $this;
}
/**
* Get email
*
* @return string
*/
public function getEmail() {
return $this->email;
}
/**
* Set contrasena
*
* @param string $contrasena
* @return Usuario
*/
public function setContrasena($contrasena) {
$this->contrasena = $contrasena;
return $this;
}
/**
* Get contrasena
*
* @return string
*/
public function getContrasena() {
return $this->contrasena;
}
/**
* Set fechaultimoacceso
*
* @param \DateTime $fechaultimoacceso
* @return Usuario
*/
public function setFechaultimoacceso($fechaultimoacceso) {
$this->fechaultimoacceso = $fechaultimoacceso;
return $this;
}
/**
* Get fechaultimoacceso
*
* @return \DateTime
*/
public function getFechaultimoacceso() {
return $this->fechaultimoacceso;
}
/**
* Set imagenperfil
*
* @param string $imagenperfil
* @return Usuario
*/
public function setImagenperfil($imagenperfil) {
$this->imagenperfil = $imagenperfil;
return $this;
}
/**
* Get imagenperfil
*
* @return string
*/
public function getImagenperfil() {
return $this->imagenperfil;
}
/**
* Get id
*
* @return integer
*/
public function getId() {
return $this->id;
}
public function serialize() {
return serialize(array(
$this->id,
$this->email,
$this->contrasena,
// see section on salt below
// $this->salt,
));
}
public function unserialize($serialized) {
list (
$this->id,
$this->email,
$this->contrasena,
// see section on salt below
// $this->salt
) = unserialize($serialized);
}
public function eraseCredentials() {
}
public function getPassword() {
return $this->contrasena;
}
public function getRoles() {
return array('ROLE_ADMIN');
}
public function getSalt() {
return null;
}
public function getUsername() {
return $this->email;
}
}
LoginAction 在 SecurityController
中...
public function loginAction() {
$authenticationUtils = $this->get('security.authentication_utils');
// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
// last username entered by the user
$lastUsername = $authenticationUtils->getLastUsername();
$repositorioUsuario = $this->getDoctrine()->getRepository('InterempleaBundle:Usuario');
$usuario = $repositorioUsuario->loadUserByUsername($lastUsername);
return $this->render(
'InterempleaBundle:Usuario:panel_principal.html.twig', array(
// last username entered by the user
'last_username' => $usuario->id,
'error' => $error,
)
);
}
...
我对实体内部的 salt 属性表示怀疑,但教程说它必须为 null。
这会发生什么?我错过了一些步骤吗?
随时询问任何其他代码或解释。
提前致谢!
按照@Martin Rios 的建议,我检查了 $encoded
变量的内容,我意识到在 Symfony2 教程 中,数据库中的密码字段是 varchar(64) 而我有一个 binary(64) 。所以我将数据类型更改为密码字段,使用 Doctrine 命令重新生成实体,清理缓存并且成功了!