Symfony2登录错误凭据

时间:2014-04-29 09:22:11

标签: php symfony login doctrine

大家好,我一直在尝试搭建一个登录系统,但在多次不同的尝试之后,仍然收到"错误的凭据"(Bad credentials)消息。我怀疑这与我的编码器(encoder)不匹配有关:我没有对密码进行散列,所以它们按用户输入的原样存储在数据库中,但我仍然会收到此消息。

User.php:

<?php

namespace Simple\ProfileBundle\Entity;

use Symfony\Component\Security\Core\User\UserInterface;
use Doctrine\ORM\Mapping as ORM;

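/**
 * Doctrine entity for an application account; the Symfony security layer
 * uses it as the user object (it implements UserInterface).
 *
 * The class only stores credential fields. Nothing in it hashes a password,
 * so the value handed to setPassword() must already be in the form that the
 * encoder configured for this class produces.
 *
 * @ORM\Entity
 * @ORM\Table(name="users")
 */
class User implements UserInterface
{
    /**
     * Surrogate primary key, generated by the database.
     *
     * @ORM\Id
     * @ORM\Column(type="integer")
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    protected $id;

    /**
     * Login name. Note that the database column is called "user" while the
     * PHP property is called "username".
     *
     * @ORM\Column(name="user", type="string", length=255)
     */
    protected $username;

    /**
     * Stored password value, returned as-is by getPassword().
     *
     * @ORM\Column(name="password", type="string", length=255)
     */
    protected $password;

    /**
     * Per-user salt, returned as-is by getSalt().
     *
     * @ORM\Column(name="salt", type="string", length=255)
     */
    protected $salt;

    /**
     * Role entities linked through the user_role join table.
     *
     * @ORM\ManyToMany(targetEntity="Role")
     * @ORM\JoinTable(name="user_role",
     *     joinColumns={@ORM\JoinColumn(name="user_id", referencedColumnName="id")},
     *     inverseJoinColumns={@ORM\JoinColumn(name="role_id", referencedColumnName="id")}
     * )
     */
    protected $roles;

    /**
     * @inheritDoc
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * @inheritDoc
     */
    public function getSalt()
    {
        return $this->salt;
    }

    /**
     * @inheritDoc
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * @inheritDoc
     */
    public function getRoles()
    {
        // NOTE(review): the $roles collection mapped above is never read here,
        // so every account is granted ROLE_USER only, whatever rows exist in
        // user_role. Returning the stored roles depends on the Role entity,
        // which is not shown, so the behaviour is left unchanged.
        return array('ROLE_USER');
    }

    /**
     * @inheritDoc
     */
    public function eraseCredentials()
    {
        // Intentionally empty: this entity holds no separate plain-text
        // password field that would need clearing.
    }

    /**
     * Initialises the role collection and assigns a fresh salt.
     */
    public function __construct()
    {
        $this->roles = new \Doctrine\Common\Collections\ArrayCollection();
        // NOTE(review): uniqid() is derived from the current time, so this
        // salt is hard to repeat but not unpredictable. A value drawn from a
        // cryptographically secure random source is the safer choice; with a
        // password-hashing algorithm that embeds its own salt this field is
        // not needed at all.
        $this->salt = sha1(uniqid(null, true));
    }

    /**
     * Get id
     *
     * @return integer
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Set user (alias of setUsername())
     *
     * @param string $user
     * @return User
     */
    public function setUser($user)
    {
        // Fix: this used to write to $this->user, a property that is neither
        // declared nor mapped. The "user" column is mapped to $username, so
        // the value was never persisted and getUsername() stayed null.
        $this->username = $user;

        return $this;
    }

    /**
     * Get user (alias of getUsername())
     *
     * @return string
     */
    public function getUser()
    {
        // Reads the mapped property so it agrees with getUsername().
        return $this->username;
    }

    /**
     * Set password
     *
     * The value is stored exactly as given. Callers are expected to pass the
     * output of the encoder configured for this entity; a value produced any
     * other way will not match at login.
     *
     * @param string $password
     * @return User
     */
    public function setPassword($password)
    {
        $this->password = $password;

        return $this;
    }

    /**
     * Set salt
     *
     * @param string $salt
     * @return User
     */
    public function setSalt($salt)
    {
        $this->salt = $salt;

        return $this;
    }

    /**
     * Add roles
     *
     * @param \Simple\ProfileBundle\Entity\Role $roles
     * @return User
     */
    public function addRole(\Simple\ProfileBundle\Entity\Role $roles)
    {
        $this->roles[] = $roles;

        return $this;
    }

    /**
     * Remove roles
     *
     * @param \Simple\ProfileBundle\Entity\Role $roles
     */
    public function removeRole(\Simple\ProfileBundle\Entity\Role $roles)
    {
        $this->roles->removeElement($roles);
    }

    /**
     * Set username
     *
     * @param string $username
     * @return User
     */
    public function setUsername($username)
    {
        $this->username = $username;

        return $this;
    }
}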

security.yml:

# NOTE(review): as pasted, the keys below sit at the same level as "security:"
# rather than beneath it; the indentation was probably lost when the file was
# copied. Confirm against the real file.
security:
encoders:
    # The encoder named here is applied to the submitted password at login and
    # the result is compared with User::getPassword(). The stored value must
    # therefore have been produced by this same encoder (with the user's salt)
    # when the account was created; a password saved as typed will not match.
    # sha1 is a fast digest and a weak choice for password storage; prefer a
    # dedicated password-hashing algorithm and re-hash existing passwords.
    Simple\ProfileBundle\Entity\User:
        algorithm: sha1


# ROLE_ADMIN inherits everything granted to ROLE_USER.
role_hierarchy:
    ROLE_ADMIN: [ROLE_USER]

# Users are loaded from the User entity, looked up by its "username" property.
providers:
    user_db:
        entity: { class: Simple\ProfileBundle\Entity\User, property: username }

firewalls:
    main:
        pattern: /.*
        provider: user_db
        form_login:
            login_path: /login
            check_path: /login_check
            remember_me: true
        logout:
            path: /logout
            target: /
        remember_me:
            # This value is the secret behind remember-me cookies. Keep it long,
            # random and out of version control (for example in a parameter),
            # not a readable phrase committed with the config.
            key: MiPassphrase
            lifetime: 1800
            # NOTE(review): "path" here is presumably the cookie path, not a
            # request pattern, so a regex-looking value is suspicious; confirm.
            path: /.*
            domain: ~
        security: true
        anonymous: true
# Rules are checked top to bottom and the first matching path applies, so the
# catch-all on the last line leaves every path not listed above it open to
# anonymous visitors.
access_control:
    - { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: /user, roles: ROLE_USER }
    - { path: /admin, roles: ROLE_ADMIN }
    - { path: /.*, roles: IS_AUTHENTICATED_ANONYMOUSLY }

SecurityController.php:

<?php

namespace Simple\ProfileBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\Security\Core\SecurityContext;

class SecurityController extends Controller
{
    /**
     * Renders the login form together with the last authentication error
     * (if any) and the username from the previous attempt.
     *
     * The error is looked up on the request attributes first and, failing
     * that, in the session.
     */
    public function loginAction()
    {
        $currentRequest = $this->getRequest();
        $userSession = $currentRequest->getSession();
        $requestAttributes = $currentRequest->attributes;

        // Prefer an error attached to this request; otherwise fall back to
        // whatever the session holds.
        $error = $requestAttributes->has(SecurityContext::AUTHENTICATION_ERROR)
            ? $requestAttributes->get(SecurityContext::AUTHENTICATION_ERROR)
            : $userSession->get(SecurityContext::AUTHENTICATION_ERROR);

        // last_username is text a visitor typed into the form, so the
        // template (not shown here) has to output it escaped.
        $templateVars = array(
            'last_username' => $userSession->get(SecurityContext::LAST_USERNAME),
            'error'         => $error,
        );

        return $this->render('SimpleProfileBundle:Security:login.html.twig', $templateVars);
    }

    /**
     * Renders the dumpString template with no variables.
     */
    public function dumpStringAction()
    {
        $noVars = array();

        return $this->render('SimpleProfileBundle:Security:dumpString.html.twig', $noVars);
    }
}

和registration.php

<?php
// src/Simple\ProfileBundle/Form/Model/Registration.php
namespace Simple\ProfileBundle\Form\Model;

use Symfony\Component\Validator\Constraints as Assert;

use Simple\ProfileBundle\Entity\User;

class Registration
{
    /**
     * The account being registered; validated as an embedded User object.
     *
     * @Assert\Type(type="Simple\ProfileBundle\Entity\User")
     * @Assert\Valid()
     */
    protected $user;

    /**
     * Whether the terms were accepted; must be present and true to validate.
     *
     * @Assert\NotBlank()
     * @Assert\True()
     */
    protected $termsAccepted;

    /**
     * Attaches the User object this registration is for.
     */
    public function setUser(User $user)
    {
        $this->user = $user;
    }

    /**
     * Returns the attached User, or null when none has been set.
     */
    public function getUser()
    {
        return $this->user;
    }

    /**
     * Returns the stored acceptance flag, or null when it was never set.
     */
    public function getTermsAccepted()
    {
        return $this->termsAccepted;
    }

    /**
     * Stores the acceptance flag, coerced to a boolean.
     */
    public function setTermsAccepted($termsAccepted)
    {
        // Form input arrives as a string or integer; keep only its truthiness.
        $accepted = (bool) $termsAccepted;
        $this->termsAccepted = $accepted;
    }
}

我希望有人可以帮我解决这个问题? 干杯

1 个答案:

答案 0 :(得分:1)

嗯,你的security.yml指定了sha1编码,但你说明你的密码是纯文本。这可能就是问题所在。

看起来,如果要使用纯文本编码,您只需从配置中删除 encoders 块。

我强烈建议您不要使用纯文本编码。实际上,安全性和散列很难做对,不要自己实现。请使用 FOSUserBundle:https://github.com/FriendsOfSymfony/FOSUserBundle