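I have mostly followed Symfony's Security and How to load Security Users from the Database instructions, with some small custom configuration, but I cannot log in with the users I have in the database! The in_memory users work fine!
Here is my security.yml: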
jms_security_extra:
    secure_all_services: false
    expressions: true
security:
    encoders:
        NEWS\BlogBundle\Entity\Author: plaintext
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
    providers:
        chain_provider:
            chain:
                providers: [user_db, in_memory]
        user_db:
            entity: { class: NEWSBlogBundle:Author , property: username }
        in_memory:
            memory:
                users:
                    admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
    firewalls:
        admin_area:
            pattern: ^/admin
            http_basic: ~
        secured_area:
            pattern: ^/
            anonymous: ~
            form_login:
                login_path: /Login
                check_path: /login_check
                username_parameter: username
                password_parameter: password
            logout:
                path: /logout
                target: /blog
    access_control:
        - { path: ^/admin, roles: ROLE_ADMIN }
        - { path: ^/newpost, roles: ROLE_USER }
My Author.php (user) entity (I removed the function comments to shorten it):
<?php
namespace NEWS\BlogBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
/**
 * Author
 */
class Author implements \Symfony\Component\Security\Core\User\AdvancedUserInterface, \Serializable
{
    /**
     * @var integer
     */
    private $id;
    /**
     * @var string
     */
    private $username;
    /**
     * @var string
     */
    private $password;
    /**
     * @var string
     */
    private $Name;
    /**
     * @var string
     */
    private $Surname;
    /**
     * @var string
     */
    private $salt;
    /**
     * @var boolean
     */
    private $isActive;
    /**
     * @var \NEWS\BlogBundle\Entity\Category
     */
    private $category;
    /**
     * Get id
     *
     * @return integer
     */
    public function getId()
    {
        return $this->id;
    }
    public function setUsername($username)
    {
        $this->username = $username;
        return $this;
    }
    public function getUsername()
    {
        return $this->username;
    }
    public function setPassword($password)
    {
        $this->password = $password;
        return $this;
    }
    public function getPassword()
    {
        return $this->password;
    }
    public function setCategory(\NEWS\BlogBundle\Entity\Category $category = null)
    {
        $this->category = $category;
        return $this;
    }
    public function getCategory()
    {
        return $this->category;
    }
    public function setName($name)
    {
        $this->Name = $name;
        return $this;
    }
    public function getName()
    {
        return $this->Name;
    }
    public function setSurname($surname)
    {
        $this->Surname = $surname;
        return $this;
    }
    public function getSurname()
    {
        return $this->Surname;
    }
    public function __construct()
    {
        $this->isActive = true;
        $this->salt = sha1(uniqid(null, true));
    }
    public function setSalt($salt)
    {
        $this->salt = $salt;
        return $this;
    }
    public function getSalt()
    {
        return $this->salt;
    }
    public function setIsActive($isActive)
    {
        $this->isActive = $isActive;
        return $this;
    }
    public function getIsActive()
    {
        return $this->isActive;
    }
    public function isAccountNonExpired()
    {
        // TODO: Implement isAccountNonExpired() method.
        return true;
    }
    public function isAccountNonLocked()
    {
        // TODO: Implement isAccountNonLocked() method.
        return true;
    }
    public function isCredentialsNonExpired()
    {
        return true;
    }
    public function isEnabled()
    {
        return $this->isActive;
    }
    public function getRoles()
    {
        return array('ROLE_USER');
    }
    public function eraseCredentials()
    {
        // TODO: Implement eraseCredentials() method.
    }
    /**
     * @var \Doctrine\Common\Collections\Collection
     */
    private $posts;
    public function addPost(\NEWS\BlogBundle\Entity\Post $posts)
    {
        $this->posts[] = $posts;
        return $this;
    }
    public function removePost(\NEWS\BlogBundle\Entity\Post $posts)
    {
        $this->posts->removeElement($posts);
    }
    public function getPosts()
    {
        return $this->posts;
    }
    public function serialize()
    {
        return serialize(array(
            $this->id,
        ));
    }
    public function unserialize($serialized)
    {
        list (
            $this->id,
        ) = unserialize($serialized);
    }
}
This is my Login.html.twig:
{# src/NEWS/BlogBundle/Resources/views/Page/Login.html.twig #}
{% extends 'NEWSBlogBundle::layout.html.twig' %}
{% block title %}Login Page{% endblock%}
{% block body %}
    <header>
    </header>
    {% if app.session.hasFlash('blogger-notice') %}
        <div class="blogger-notice">
            {{ app.session.flash('blogger-notice') }}
        </div>
    {% endif %}
    {% if error %}
        <div>{{ error.message }}</div>
    {% endif %}
    <form action="{{ path('login_check') }}" method="post">
        <label for="username">Username:</label>
        <input type="text" id="username" name="username" value="{{ last_username }}" />
        <label for="password">Password:</label>
        <input type="password" id="password" name="password" />
        <button type="submit">Login</button>
    </form>
{% endblock %}
The login controller:
public function LoginAction()
{
    $request = $this->getRequest();
    $session = $request->getSession();
    // get the login error if there is one
    if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
        $error = $request->attributes->get(
            SecurityContext::AUTHENTICATION_ERROR
        );
    } else {
        $error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
        $session->remove(SecurityContext::AUTHENTICATION_ERROR);
    }
    return $this->render(
        'NEWSBlogBundle:Page:Login.html.twig',
        array(
            // last username entered by the user
            'last_username' => $session->get(SecurityContext::LAST_USERNAME),
            'error' => $error,
        )
    );
}
And the function that builds my login form:
public function buildForm(FormBuilderInterface $builder, array $options)
{
    $builder->add('username', 'text');
    $builder->add('password', 'password');
    return $builder->getForm();
}
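I have been trying to solve this for three days, without success so far! I would really appreciate any help!
I don't know whether the registration functions are needed; I am not including them for now because this question is already long enough!
PS: My login route deliberately starts with a capital letter, and I know I have removed the '_' from the user/pass parameters; I did try changing them back to their original form, but still got the same error!
Answer 0 (score: 1)
The input fields should contain an underscore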
<input type="text" id="username" name="_username" value="{{ last_username }}" />
<input type="password" id="password" name="_password" />
Looks funny, but face it
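
An added example, not part of the original question or answer: a small Python check that the `name` attributes a login form posts are the ones the firewall's form_login section reads. It assumes Symfony's documented defaults of `_username` and `_password` when `username_parameter` / `password_parameter` are not set; the config dict and form markup below are constructed from the snippets on this page.

```python
from html.parser import HTMLParser

# Symfony's form_login defaults, used when security.yml does not set the keys.
DEFAULTS = {"username_parameter": "_username", "password_parameter": "_password"}

# form_login values copied from the security.yml in the question.
QUESTION_CONFIG = {
    "login_path": "/Login",
    "check_path": "/login_check",
    "username_parameter": "username",
    "password_parameter": "password",
}
# Constructed from the inputs in the question's Login.html.twig.
QUESTION_FORM = """<form method="post">
<input type="text" id="username" name="username" value="{{ last_username }}" />
<input type="password" id="password" name="password" />
</form>"""
# Constructed from the two inputs shown in the answer.
ANSWER_FORM = """<form method="post">
<input type="text" id="username" name="_username" value="{{ last_username }}" />
<input type="password" id="password" name="_password" />
</form>"""


class InputNames(HTMLParser):
    """Collects the name attribute of every <input> element."""

    def __init__(self):
        super().__init__()
        self.names = []

    def handle_starttag(self, tag, attrs):
        name = dict(attrs).get("name")
        if tag == "input" and name:
            self.names.append(name)


def missing_fields(form_login, html):
    """Return the parameter names the firewall expects but the form never posts."""
    expected = [form_login.get(key, default) for key, default in DEFAULTS.items()]
    parser = InputNames()
    parser.feed(html)
    return sorted(name for name in expected if name not in parser.names)


if __name__ == "__main__":
    for label, cfg, form in [("question config + question form", QUESTION_CONFIG, QUESTION_FORM),
                             ("question config + answer form", QUESTION_CONFIG, ANSWER_FORM),
                             ("default config + answer form", {}, ANSWER_FORM)]:
        print(label, "-> missing:", missing_fields(cfg, form))
```

An empty result means the form and the firewall agree on field names, so a failed login then has to be traced elsewhere (user provider, encoder, stored password).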