symfony2中的身份验证系统不起作用?

时间:2015-05-11 06:34:58

标签: php symfony symfony-forms symfony-2.1 symfony-2.3

我的symfony2中的身份验证系统有问题。

我的路由文件:

shop_show_login_page:
  path: /login
  defaults: { _controller: ShopDesktopBundle:User:loginPage }
shop_login_user:
  path: /loginUser
  defaults: { _controller: ShopDesktopBundle:User:loginCheck }
shop_logout_user:
  path: /logout

我的用户控制器:

class UserController extends Controller{
public function loginPageAction(){
    return $this->render('ShopDesktopBundle:User:loginPage.html.twig');
}
public function loginCheckAction(Request $request){
    $password = $request->request->get('password');
    $login    = $request->request->get('username');
    $em = $this->getDoctrine()->getEntityManager();
    $repository = $em->getRepository('ShopDesktopBundle:Customer');
    $user = $repository->findOneBy(array('customer_login'=> $login, 'customer_password'=> $password));
    if($user){
        return $this->redirect($this->generateUrl('shop_desktop_homepage'));
    }else{
        return $this->render('ShopDesktopBundle:User:loginPage.html.twig',array('message_failed' => 'Eroare : wrong login'));
    }
}
}

我的观点:

{% if message_failed is defined %}
     <div class="alert alert-danger">
         <button type="button" class="close" data-dismiss="alert">×</button>
         <strong>{{ message_failed }}</strong>
      </div>
{% endif %}
<form action="{{ path('shop_login_user') }}" method="post">
       <div class="form-group">
         <div class="input-group">
           <span class="input-group-addon"><i class="fa fa-user"></i></span>
           <input type="text" class="form-control" placeholder="Username" name="username">
         </div>
      </div>
      <div class="form-group">
         <div class="input-group">
            <span class="input-group-addon"><i class="fa fa-lock"></i></span>
            <input type="text" class="form-control" placeholder="Password" name="password">
          </div>
      </div>
     <div class="form-group">
         <button type="submit" class="button">Authentification</button>
     </div>
</form>

security.yml:

security:
encoders:
    Symfony\Component\Security\Core\User\User: plaintext

# http://symfony.com/doc/current/book/security.html#hierarchical-roles
role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
    in_memory:
        memory:
            users:
                user:  { password: userpass, roles: [ 'ROLE_USER' ] }
                admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }

# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
    # disables authentication for assets and the profiler, adapt it according to your needs
    secured_area:
        pattern:    ^/
        form_login:
            check_path: shop_login_user
            login_path: shop_show_login_page
        logout:
            invalidate_session: true
            path:   shop_logout_user
            target: /
        anonymous: true
        #http_basic:
        #    realm: "Secured Demo Area"

# with these settings you can restrict or allow access for different parts
# of your application based on roles, ip, host or methods
# http://symfony.com/doc/current/cookbook/security/access_control.html
access_control:
    #- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }

调试工具栏显示我在提交所有情况的登录表单后作为匿名身份验证,我不明白问题出在哪里。存在解决方案?谁能帮我?。 Thx提前

1 个答案:

答案 0 :(得分:1)

尝试在输入元素的“name”属性值中添加下划线。据我所知, _username _password 是默认值,如文档中所示。

http://symfony.com/doc/current/reference/configuration/security.html

<input type="text" class="form-control" placeholder="Username" name="_username">

此外,您不能为check_path指定控制器,因为Symfony会在内部处理此问题。请查看此链接以获取更多参考。

http://symfony.com/doc/current/cookbook/security/form_login_setup.html