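I've been working on a Symfony project and the authentication process has become a headache. The configuration files seem fine, but when I test, the login page just refreshes without authenticating, and it doesn't show any error either. Can someone help me figure out what I'm missing here?
My security.yml file looks like this (I'm using md5 because I'm dealing with a legacy user base, and I just added %app.locale% because I thought the locale-prefixed routes might be causing the problem):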
security:
    access_denied_url: 403
    encoders:
        PsicoBundle\Entity\Usuario:
            algorithm: md5
            encode_as_base64: false
            iterations: 0
    providers:
        in_memory:
            memory: ~
        our_db_provider:
            entity:
                class: PsicoBundle:Entity:Usuario
    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: ~
            provider: our_db_provider
            form_login:
                login_path: /%app.locales%/login
                check_path: /%app.locales%/login
                default_target_path: /%app.locales%/dashboard
                always_use_default_target_path: true
            logout:
                path: /%app.locales%/logout
                target: /%app.locales%/login
    access_control:
        - { path: ^/%app.locales%/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: /%app.locales%/manage, roles: ROLE_SUPER }
        - { path: /%app.locales%/dashboard, roles: [ROLE_USER, ROLE_SUPER] }
This is what my user entity looks like:
<?php
namespace PsicoBundle\Entity;

use Doctrine\Common\Collections\ArrayCollection;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\AdvancedUserInterface;
use Symfony\Component\Validator\Constraints as Assert;
use JMS\Serializer\Annotation\ExclusionPolicy;
use JMS\Serializer\Annotation\Expose;
//use Gedmo\Mapping\Annotation as Gedmo;

/**
 * @ORM\Table(name="usuarios")
 * @ORM\Entity(repositoryClass="PsicoBundle\Repository\UsuarioRepository")
 * @ORM\HasLifecycleCallbacks
 *
 * @ExclusionPolicy("all")
 */
class Usuario implements AdvancedUserInterface, \Serializable {
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     * @Expose
     */
    private $id;

    /**
     * @ORM\Column(type="string")
     * @Assert\NotNull()
     * @Expose
     */
    private $nome;

    /**
     * @ORM\Column(type="string", name="senha")
     * @Expose
     */
    private $password;

    /**
     * @ORM\Column(type="string", name="endereco")
     */
    private $endereco;

    /**
     * @ORM\Column(type="string", length=15, name="telefone")
     */
    private $telefone;

    /**
     * @ORM\Column(type="string", length=15, name="celular")
     */
    private $celular;

    /**
     * @ORM\ManyToOne(targetEntity="Cidade")
     */
    private $cidade;

    /**
     * @ORM\ManyToOne(targetEntity="Idioma")
     */
    private $idioma;

    /**
     * @ORM\Column(type="string", name="email")
     * @Assert\NotNull()
     * @Expose
     */
    private $email;

    /**
     * @ORM\Column(type="boolean")
     * @Expose
     */
    private $ativo;

    /**
     * @ORM\ManyToMany(targetEntity="TipoUsuario", inversedBy="usuarios")
     */
    private $tiposUsuario;

    public function __construct() {
        $this->ativo = true;
        $this->tiposUsuario = new ArrayCollection();
    }

    public function getId() {
        return $this->id;
    }

    public function setId($id) {
        $this->id = $id;
    }

    public function getUsername() {
        return $this->email;
    }

    public function setUsername($username) {
        $this->email = $username;
    }

    public function getEmail() {
        return $this->email;
    }

    public function setEmail($email) {
        $this->email = $email;
    }

    public function getPassword() {
        return $this->password;
    }

    public function setPassword($password) {
        $this->password = $password;
    }

    public function isEnabled() {
        return $this->ativo;
    }

    public function setAtivo($ativo) {
        $this->ativo = $ativo;
    }

    public function getRoles() {
        return $this->tiposUsuario->toArray();
    }

    public function getPermissao() {
        return $this->tiposUsuario;
    }

    public function getNome() {
        return $this->nome;
    }

    public function setNome($nome) {
        $this->nome = $nome;
    }

    public function serialize() {
        return serialize(array(
            $this->id,
            $this->email,
            $this->password,
            $this->ativo,
            $this->tiposUsuario
        ));
    }

    public function unserialize($serialized) {
        list (
            $this->id,
            $this->email,
            $this->password,
            $this->ativo,
            $this->tiposUsuario
        ) = unserialize($serialized);
    }

    public function getSalt() {
        return null;
    }

    public function eraseCredentials() {
    }

    public function setRoles($tiposUsuario) {
        $this->tiposUsuario = $tiposUsuario;
    }

    /**
     * @return mixed
     */
    public function getEndereco()
    {
        return $this->endereco;
    }

    /**
     * @param mixed $endereco
     */
    public function setEndereco($endereco)
    {
        $this->endereco = $endereco;
    }

    /**
     * @return mixed
     */
    public function getTelefone()
    {
        return $this->telefone;
    }

    /**
     * @param mixed $telefone
     */
    public function setTelefone($telefone)
    {
        $this->telefone = $telefone;
    }

    /**
     * @return mixed
     */
    public function getCelular()
    {
        return $this->celular;
    }

    /**
     * @param mixed $celular
     */
    public function setCelular($celular)
    {
        $this->celular = $celular;
    }

    /**
     * @return mixed
     */
    public function getCidade()
    {
        return $this->cidade;
    }

    /**
     * @param mixed $cidade
     */
    public function setCidade($cidade)
    {
        $this->cidade = $cidade;
    }

    /**
     * @return mixed
     */
    public function getTiposUsuario()
    {
        return $this->tiposUsuario;
    }

    /**
     * @param mixed $tiposUsuario
     */
    public function setTiposUsuario($tiposUsuario)
    {
        $this->tiposUsuario = $tiposUsuario;
    }

    public function isAccountNonExpired()
    {
        return true;
    }

    public function isAccountNonLocked()
    {
        return true;
    }

    public function isCredentialsNonExpired()
    {
        return true;
    }

    /**
     * @return mixed
     */
    public function getIdioma()
    {
        return $this->idioma;
    }

    /**
     * @param mixed $idioma
     */
    public function setIdioma($idioma)
    {
        $this->idioma = $idioma;
    }
}
I also have a Repository class that queries the user by e-mail, as follows:
<?php
namespace PsicoBundle\Repository;

use Symfony\Bridge\Doctrine\Security\User\UserLoaderInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Doctrine\ORM\EntityRepository;

class UsuarioRepository extends EntityRepository implements UserLoaderInterface
{
    public function loadUserByUsername($username)
    {
        $user = $this->createQueryBuilder()
            ->select('u, g')
            ->from('PsicoBundle:Usuario', 'u')
            ->leftJoin('u.tiposUsuario', 'g')
            ->where('u.email = :email')
            ->setParameter('email', $username)
            ->getQuery()
            ->getOneOrNullResult();
        if (null == $user) {
            $message = sprintf('Usuário com credencial "%s" não encontrado', $username);
            throw new UsernameNotFoundException($message);
        }
        return $user;
    }
}
My form looks like this:
<form class="m-t" role="form" action="{{ path('login') }}" method="post" id="login-form">
    <div class="form-group">
        <input type="email" class="form-control" placeholder="E-mail" required="" name="_username" value="{{ last_username }}">
    </div>
    <div class="form-group">
        <input type="password" class="form-control" placeholder="{{ 'field.password'|trans }}" required="" name="_password">
    </div>
    <button type="submit" class="btn btn-primary block full-width m-b" name="login">Login</button>
    <p class="text-muted text-center"><small>{{ 'login.calltoaction.text'|trans }}</small></p>
    <a class="btn btn-sm btn-white btn-block" href="{{ path('cadastro_gratis') }}">{{ 'login.testbutton.text'|trans }}</a>
</form>
Symfony's debug toolbar shows me as logged in as anon. The only thing that shows up in the dev log is:
[2016-12-14 10:59:16] request.INFO: Matched route "{route}". {"route":"_wdt","route_parameters":{"_controller":"web_profiler.controller.profiler:toolbarAction","token":"fe495d","_route":"_wdt"},"request_uri":"http://localhost:8000/_wdt/fe495d","method":"GET"} []
[2016-12-14 11:04:51] request.INFO: Matched route "{route}". {"route":"login","route_parameters":{"_controller":"PsicoBundle\\Controller\\SecurityController::loginAction","_locale":"en","_route":"login"},"request_uri":"http://localhost:8000/en/login","method":"POST"} []
[2016-12-14 11:04:51] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2016-12-14 11:04:52] request.INFO: Matched route "{route}". {"route":"_wdt","route_parameters":{"_controller":"web_profiler.controller.profiler:toolbarAction","token":"b4915e","_route":"_wdt"},"request_uri":"http://localhost:8000/_wdt/b4915e","method":"GET"} []
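I have one user in my database to test this with, and this user has two roles. Can anyone help me? Thanks, guys.
Answer 0 (score: 0)
You seem to be using two user providers, in_memory and our_db_provider. Try removing the in_memory user provider: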
providers:
    our_db_provider:
        entity:
            class: PsicoBundle:Entity:Usuario
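Answer 1 (score: 0)
Finally figured out what I was doing wrong. In my security.yml I was using the /%app.locales%/ parameter, defined in my config.yml as pt_BR|en|es, when I should have matched the route prefix I set in routing.yml - {_locale} - I changed the prefixed routes in my security file and authentication is back to normal.
I also had to take the annotated routes out of my controller and put them into routing.yml.
So my routes are now: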
psico:
    resource: "@PsicoBundle/Controller/"
    type: annotation
    prefix: /{_locale}
    requirements:
        _locale: "%app.locales%"
login:
    path: /{_locale}/login
    defaults: { _controller: PsicoBundle:Security:login}
    requirements:
        _locale: "%app.locales%"
logout:
    path: /{_locale}/logout
    defaults: { _controller: PsicoBundle:Security:logout}
    requirements:
        _locale: "%app.locales%"
My security is:
security:
    access_denied_url: 403
    encoders:
        PsicoBundle\Entity\Usuario:
            algorithm: md5
            encode_as_base64: false
            iterations: 0
    # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
    providers:
        our_db_provider:
            entity:
                class: PsicoBundle:Usuario
                property: email
    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        main:
            anonymous: ~
            provider: our_db_provider
            form_login:
                login_path: login
                check_path: login
                default_target_path: /dashboard
                always_use_default_target_path: true
                username_parameter: _username
                password_parameter: _password
            logout:
                path: logout
                target: /
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: /manage, roles: ROLE_USER }
        - { path: /dashboard, roles: ROLE_USER }
Thanks to @MohamedBenHenda for helping me sort this out.
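The path mismatch described in the answer above, as an added example that is not part of the original post and is not Symfony's own code: it models how a `check_path` beginning with `/` is compared literally with the request path, and how `access_control` paths are applied as regular expressions with the first match winning. The value `pt_BR|en|es` comes from the answer; the helper names and the grouped rule set are assumptions made for illustration.

```php
<?php
// Added illustration; helper names are hypothetical, not Symfony API.
// Value of %app.locales% as stated in the answer.
$locales = 'pt_BR|en|es';

// form_login: a check_path starting with "/" is compared literally with the
// request path; only on equality does the login listener handle the POST.
function handlesLogin(string $checkPath, string $requestPath): bool
{
    return $checkPath === rawurldecode($requestPath);
}

// access_control: each path is a regex searched in the request path;
// the first rule that matches decides the required roles.
function requiredRoles(array $rules, string $requestPath): string
{
    foreach ($rules as $pattern => $roles) {
        if (preg_match('{' . $pattern . '}', rawurldecode($requestPath)) === 1) {
            return $roles;
        }
    }
    return '(no rule matched)';
}

// Rules from the question after parameter substitution.
$asPosted = [
    "^/$locales/login"    => 'IS_AUTHENTICATED_ANONYMOUSLY',
    "/$locales/manage"    => 'ROLE_SUPER',
    "/$locales/dashboard" => 'ROLE_USER, ROLE_SUPER',
];
// Assumed variant (not from the page): group the alternation, anchor each rule.
$grouped = [
    "^/($locales)/login"     => 'IS_AUTHENTICATED_ANONYMOUSLY',
    "^/($locales)/manage"    => 'ROLE_SUPER',
    "^/($locales)/dashboard" => 'ROLE_USER, ROLE_SUPER',
];

printf("check_path /%s/login handles POST /en/login: %s\n",
    $locales, var_export(handlesLogin("/$locales/login", '/en/login'), true));

// Constructed sample request paths.
foreach (['/en/login', '/en/dashboard', '/pt_BR/manage', '/es/manage'] as $path) {
    printf("%-14s as posted: %-30s grouped: %s\n",
        $path, requiredRoles($asPosted, $path), requiredRoles($grouped, $path));
}
```

With the rules as posted, `/en/dashboard` and `/pt_BR/manage` fall to the anonymous rule, because `^/pt_BR` and `en` are separate alternatives of the first pattern and `en` is not anchored. Any rule that interpolates a `a|b|c` parameter needs the alternation wrapped in a group.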