这是app / logs / dev.log:
[2013-05-19 13:29:42] doctrine.DEBUG: SET NAMES UTF8 [] []
[2013-05-19 13:29:42] doctrine.DEBUG: SELECT t0.id AS id1, t0.username AS username2, t0.salt AS salt3, t0.password AS password4, t0.email AS email5, t0.is_active AS is_active6 FROM user t0 WHERE t0.username = ? LIMIT 1 ["administrator"] []
[2013-05-19 13:29:42] security.INFO: Authentication request failed: Bad credentials [] []
这是我创建并加载到DB的夹具:
class FixtureLoader implements FixtureInterface {
public function load(ObjectManager $manager) {
$role = new Role();
$role->setName('Администратор');
$role->setRole('ROLE_ADMIN');
$manager->persist($role);
$user = new User();
$user->setUsername('administrator');
$user->setEmail('admin@umahanov.com');
$user->setSalt(md5(time()));
$user->setIsActive(false);
$encoder = new MessageDigestPasswordEncoder('sha512',true,10);
$password = $encoder->encodePassword('111111', $user->getSalt());
$user->setPassword($password);
$user->getUserRoles()->add($role);
$manager->persist($user);
$manager->flush();
}
}
我的security.yml
security:
encoders:
Umahanov\UserBundle\Entity\User:
algorithm: sha512
encode-as-base64: true
iterations: 10
providers:
main:
entity: { class: UmahanovUserBundle:User, property: username}
firewalls:
insecure:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
secure_area:
pattern: ^/
form_login:
login_path: /user/login
check_path: /user/login_check
logout:
path: /user/logout
target: /
anonymous: ~
role_hierarchy:
ROLE_ADMIN: ROLE_USER
access_control:
- { path: ^/admin, role: ROLE_ADMIN}
- { path: ^/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }
我有简单的实体 - 具有多种关系的用户和角色
我的表格:
{% extends '::layout.html.twig' %}
{% block content %}
{% if error %}
<div> {{ error.message }}</div>
{% endif %}
<form action="{{ path('user_check_path')}}" method="post" novalidate="">
<label for="username">Username:</label>
<input type="text" id="username" name="_username" value="{{ last_username }}" />
<label for="password">Password:</label>
<input type="password" id="password" name="_password" />
<button type="submit">войти</button>
</form>
<p><a href="{{ path('user_register') }}">sign up here</a></p>
{% endblock %}
不知道为什么它会显示错误的凭据。也有人可以解释一下,为什么 doctrine.DEBUG查询中没有密码比较?
答案 0 :(得分:4)
问题在于密码字段的长度(VARCHAR(40))
SHA512生成长度为88个符号的字符串