我是Silex的新手,我使用this tutorial来设置Doctrine ORM。
但是现在当我尝试登录时,我收到了“Bad credentials”错误。 当我使用默认的“login_check”控制器时会发生这种情况。
如果我使用自定义的,它可以工作,但我不知道如何将用户重定向到他正在寻找的页面。 (我在我的登录控制器中试过了$ request-> headers-> get('referer'),但它是空的。)
这是我的自定义login_check控制器:
$app->post('/login-check-perso', function(Request $request) use ($app){
$route = $request->request->filter('route');
$password = $request->get('_password');
$username = $request->get('_email');
$userProvider = new \Lib\Provider\UserProvider($app);
$user = null;
try {
$user = $userProvider->loadUserByUsername($username);
}
catch (UsernameNotFoundException $e)
{
}
$encoder = $app['security.encoder_factory']->getEncoder($user);
// compute the encoded password
$encodedPassword = $encoder->encodePassword($password, $user->getSalt());
// compare passwords
if ($user->getPassword() == $encodedPassword)
{
// set security token into security
$token = new UsernamePasswordToken($user, $password, 'yourProviderKeyHere', array('ROLE_ADMIN'));
$app['security']->setToken($token);
// redirect or give response here
} else {
// error feedback
echo "wrong password";
die();
}
// replace url by the one the user requested while he wasn't logged in
return $app->redirect('/web/index_dev.php/admin/');
})->bind('login_check_perso');
因此,如果有人可以解释如何使用默认的“login_check”,或者向我解释如何将用户重定向到他未尝试登录时试图访问的页面,那就太棒了。
由于
编辑:
我认为“Bad Credentials”是由错误的编码器设置引起的,我使用this
配置我的:
$app['security.encoder.digest'] = $app->share(function ($app) {
// use the sha1 algorithm
// don't base64 encode the password
// use only 1 iteration
return new MessageDigestPasswordEncoder('sha1', false, 1);
});
$app['security.encoder_factory'] = $app->share(function ($app) {
return new EncoderFactory(
array(
'Symfony\Component\Security\Core\User\UserInterface' => $app['security.encoder.digest'],
'Entity\User' => $app['security.encoder.digest'],
)
);
});
这是对的吗?
答案 0 :(得分:0)
您可以扩展DefaultAuthenticationSuccessHandler,它将在成功登录后调用,我这样做:
// overwrite the default authentication success handler
$app['security.authentication.success_handler.general'] = $app->share(function () use ($app) {
return new CustomAuthenticationSuccessHandler($app['security.http_utils'], array(), $app);
});
创建CustomAuthenticationSuccessHandler:
use Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Security\Http\HttpUtils;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Silex\Application;
class CustomAuthenticationSuccessHandler extends DefaultAuthenticationSuccessHandler
{
protected $app = null;
/**
* Constructor
*
* @param HttpUtils $httpUtils
* @param array $options
* @param unknown $database
*/
public function __construct(HttpUtils $httpUtils, array $options, Application $app)
{
parent::__construct($httpUtils, $options);
$this->app = $app;
}
/**
* (non-PHPdoc)
* @see \Symfony\Component\Security\Http\Authentication\DefaultAuthenticationSuccessHandler::onAuthenticationSuccess()
*/
public function onAuthenticationSuccess(Request $request, TokenInterface $token)
{
$user = $token->getUser();
$data = array(
'last_login' => date('Y-m-d H:i:s')
);
// save the last login of the user
$this->app['account']->updateUser($user->getUsername(), $data);
return $this->httpUtils->createRedirectResponse($request, $this->determineTargetUrl($request));
}
}
我正在使用onAuthenticationSuccess()来保存用户上次登录日期时间。您可以使用createRedirectResponse()将用户重定向到您需要的起点。