Symfony:从数据库加载安全用户

时间:2015-07-13 10:03:38

标签: php symfony

我阅读了Symfony的官方文档,以便访问特定页面。我按照说明操作,但是当我插入用户和pw时,我没有被重定向到受保护的页面。

这是实体

namespace AppBundle\Entity;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\AdvancedUserInterface;
use Doctrine\ORM\Mapping as ORM;

/**
* @ORM\Entity
* @ORM\Table(name="users")
*/
class User implements UserInterface, \Serializable
{
/**
 * @ORM\Column(type="integer")
 * @ORM\Id
 * @ORM\GeneratedValue(strategy="AUTO")
 */
private $id;

/**
 * @ORM\Column(type="string", length=25, unique=true)
 */
private $username;

/**
 * @ORM\Column(type="string", length=64)
 */
private $password;

/**
 * @ORM\Column(type="string", length=60, unique=true)
 */
private $email;

/**
 * @ORM\Column(name="is_active", type="boolean")
 */
private $isActive;

public function __construct()
{
    $this->isActive = true;
    // may not be needed, see section on salt below
    // $this->salt = md5(uniqid(null, true));
}

public function getUsername()
{
    return $this->username;
}

public function getSalt()
{
    // you *may* need a real salt depending on your encoder
    // see section on salt below
    return null;
}

public function getPassword()
{
    return $this->password;
}

public function getRoles()
{
    return array('ROLE_ADMIN');
}

public function eraseCredentials()
{
}

/** @see \Serializable::serialize() */
public function serialize()
{
    return serialize(array(
        $this->id,
        $this->username,
        $this->password,
        // see section on salt below
        // $this->salt,
    ));
}

/** @see \Serializable::unserialize() */
public function unserialize($serialized)
{
    list (
        $this->id,
        $this->username,
        $this->password,
        // see section on salt below
        // $this->salt
    ) = unserialize($serialized);
   }

这是security.yml 

security:
encoders:
    AppBundle\Entity\User:
        algorithm: bcrypt


role_hierarchy:
    ROLE_ADMIN:       ROLE_ADMIN
    ROLE_SUPER_ADMIN: [ ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]

providers:
    our_db_provider:
        entity:
            class: AppBundle:User
            property: username

firewalls:
    dev:
        pattern: ^/(_(profiler|wdt|error)|css|images|js)/
        security: false

    main:
        anonymous: ~
        http_basic: ~

    default:
       pattern:    ^/
       http_basic: ~
       provider: our_db_provider

access_control:
    - { path: ^/dashboard/admin, roles: ROLE_ADMIN }

使用此BCrypt tool

手动将密码插入数据库

我做错了什么?

1 个答案:

答案 0 :(得分:0)

我不是专家,但我认为您忘记在防火墙定义中的安全文件中指定一些内容。你可以在下面找到我的。

form_login:
            login_path: fos_user_security_login
            check_path: fos_user_security_check
            default_target_path: route to your logged user should go after logged
        logout:
            path: fos_user_security_logout
            target: route to your user should go after logout
相关问题
最新问题