Silex安全提供程序 - 令牌未能设置

时间:2014-06-15 21:21:42

标签: php authentication silex

我第一次与Silex的安全提供商合作,我遇到了与此过程有关的问题。我目前有基本的HTTP身份验证工作(使用编码示例用户,如here in the docs所示)。

当为表单选项切换HTTP时,登录表单正在提交,并返回自身。我创建了一个UserProvider类,并且成功调用了loadUserByUsername方法,但是电子邮件没有被传入(设置为"NONE_PROVIDED" - 从用户名更改)。我在使用供应商代码时发现这是因为令牌未被设置($app['security']->getToken()在所有点都返回null)。我已经浏览了所有文档但我无法提及这一点。

主要代码包含在下面,如果还有其他内容,请告诉我,谢谢!

安全提供程序配置 

// Protects all routes within /auth, redirecting to /login successfully

$app->register(new SecurityServiceProvider(), array(
    'security.firewalls' => array(
        'unauth_area' => array(
            'pattern' => '^/(?!auth)'
        ),
        'auth_area' => array(
            'pattern' => '^/.*$',
            'form' => array(
                'login_path' => '/login',
                'check_path' => '/auth/login_check',
                'default_target_path' => '/auth/overview',
            ),
            'users' => $app->share(function () use ($app) {
                return new UserProvider($app['db']);
            }),
        ),
    ),
    'access_control' => array(
        array('path' => '^/.*$', 'role' => 'ROLE_USER'),
        // Include the following line to also secure the /admin path itself
        // array('path' => '^/admin$', 'role' => 'ROLE_ADMIN'),
    ),
));

(我的自定义)方法 - UserProvider类 

public function loadUserByUsername($email) {

    // Dying at this point shows it reaches here, but $email is null

    $stmt = $this->conn->executeQuery('SELECT * FROM user WHERE email = ?', array(strtolower($email)));

    if (!$user = $stmt->fetch()) {
        throw new UsernameNotFoundException(sprintf('Email "%s" does not exist.', $email));
    }

    return new User($user['email'], $user['password'], explode(',', $user['roles']), true, true, true, true);
}

表单类 

class LoginType extends AbstractType {

public function buildForm(FormBuilderInterface $builder, array $options) {
    $builder
        ->add('_username', 'text', array(
            'required' => true,
            'constraints' => array(
                new Assert\NotBlank(),
                new Assert\Email(),
            )
        ))
        ->add('_password', 'password', array(
            'required' => true,
            'constraints' => array(
                new Assert\NotBlank(),
            ),
        ))
        ->add('Login', 'submit');
}

public function getName() {
    return 'login';
}

}

Silex Security Provider docs

1 个答案:

答案 0 :(得分:2)

它与令牌无关......我只是遇到与

相同的问题 
$app->register(new Silex\Provider\SecurityServiceProvider(), array(
    'security.firewalls' => array(
        'admin' => array(
            'pattern' => '^/admin',
            'form' => array(
                'login_path' => '/', 
                'check_path' => '/admin/login_check', 
                'username_parameter'=> 'mail',
                'password_parameter' => 'password',
                 ),
                'logout' => array('logout_path' => '/logout'),
                    //'anonymous' => true,
            'users' => function () use ($app) {
                return new UserProvider($app['db']);
            },
        )
    ),
    'security.access_rules' => array(
            array('^/$', 'IS_AUTHENTICATED_ANONYMOUSLY'),
            array('^/admin', 'ROLE_USER')
        )
));

经过几个小时的尝试和测试,我检查了表单输入中的name属性...看到了form[mail]

所以我试过

'username_parameter'=> 'form[mail]',
'password_parameter' => 'form[password]',

而且...... ALLELUIA !!!!!我的邮件是loadUserByUsername($mail)

相关问题
最新问题