How to logout from app using symfony2

时间:2015-05-04 19:51:06

标签: php symfony symfony-forms symfony-2.1 symfony-2.3

I have a question, I'm new in symfony2 and I tried to create a small system with login and logout. The problem is that in my debug bar after logout I get : Logged in as anon, Authenticated Yes, Token class Anonymous Token. My controller :

class UserController extends Controller{
public function loginPageAction(){
    return $this->render('ShopDesktopBundle:User:loginPage.html.twig');
}
public function loginCheckAction(Request $request){
    $request = $this->get('request');
    $password = $request->request->get('password');
    $login    = $request->request->get('username');
    $em = $this->getDoctrine()->getEntityManager();
    $repository = $em->getRepository('ShopDesktopBundle:Customer');
    $user = $repository->findOneBy(array('customer_login'=> $login, 'customer_password'=> $password));
    if($user){
        return $this->redirect($this->generateUrl('shop_desktop_homepage'));
    }else{
        return $this->render('ShopDesktopBundle:User:loginPage.html.twig',array('message_failed' => 'Eroare : login sau password este gresit'));
    }
}
public function logoutAction(){
    $session =$this->getRequest()->getSession();
    $session->clear();
}

} My login view :

<form action="{{ path('shop_login_user') }}" method="post">
                <div class="form-group">
                    <div class="input-group">
                        <span class="input-group-addon"><i class="fa fa-user"></i></span>
                        <input type="text" class="form-control" placeholder="Username" name="username">
                    </div>
                </div>
                <div class="form-group">
                    <div class="input-group">
                        <span class="input-group-addon"><i class="fa fa-lock"></i></span>
                        <input type="text" class="form-control" placeholder="Password" name="password">
                    </div>
                </div>
                <div class="form-group">
                    <button type="submit" class="button">Autentificare</button>
                </div>
            </form>

In layout, my logout button :

<span><a href="{{ path('shop_logout_user') }}" style="color: #ffffff;">Logout</a></span>

My security.yml:

security:
# http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
encoders:
    Symfony\Component\Security\Core\User\User: plaintext

# http://symfony.com/doc/current/book/security.html#hierarchical-roles
role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
    in_memory:
        memory:
            users:
                user:  { password: userpass, roles: [ 'ROLE_USER' ] }
                admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }

# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
    # disables authentication for assets and the profiler, adapt it according to your needs
    secured_area:
        pattern:    ^/
        form_login:
            check_path: shop_login_user
            login_path: shop_show_login_page
        logout:
            invalidate_session: true
            path:   /logout
            target: /
        anonymous: true
        #http_basic:
        #    realm: "Secured Demo Area"

# with these settings you can restrict or allow access for different parts
# of your application based on roles, ip, host or methods
# http://symfony.com/doc/current/cookbook/security/access_control.html
access_control:
    #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }

File with routes :

shop_show_login_page:
path: /login
defaults: { _controller: ShopDesktopBundle:User:loginPage }

shop_login_user:
path: /loginUser
defaults: { _controller: ShopDesktopBundle:User:loginCheck }

shop_logout_user:
path: /logout
defaults: { _controller: ShopDesktopBundle:User:logout }

So, the problem is that the logout button doesn't work because in debug bar symfony I authentificated as anonymous. Is that a good system of login/logout? Please help me please. Thx in advance ! ! !

1 个答案:

答案 0 :(得分:0)

使用shop_logout_user作为security.yml文件中的路径:

    logout:
        invalidate_session: true
        path:   shop_logout_user
        target: /

此路由不需要控制器,因此在routing.yml文件中只需执行:

shop_logout_user:
  path: /logout

然后,当您重定向到此路线时,您的用户应该被注销。如果没有,检查你是否不覆盖响应内核事件,上次我遇到登出问题是因为这个。