Symfony 2.6 security BCryptPasswordEncoder error

Time: 2015-07-28 23:33:16

Tags: php mysql symfony login bcrypt

I'm developing a web app with Symfony 2.6, PHP 5.4, MySQL 5.6 and Twig. I'm also using YAML and bcrypt.

Currently I'm developing a login form. I followed the Symfony2 Tutorial, but when I test the web app I receive this error:

Warning: password_verify() expects parameter 2 to be string, resource given
    Stack Trace in vendor/symfony/symfony/src/Symfony/Component/Security/Core/Encoder/BCryptPasswordEncoder.php at line 89

    public function isPasswordValid($encoded, $raw, $salt) 
    { 
        return !$this->isPasswordTooLong($raw) && password_verify($raw, $encoded); 
    } 
} 

This is the related code: Security.xml

security:
    encoders:
        InterempleaBundle\Entity\Usuario: 
            algorithm: bcrypt
            cost: 12

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

    providers:
        mysql_db_provider:
            entity: 
                class: InterempleaBundle:Usuario 
                property: email

    firewalls:
        admin_area:
            pattern:    ^/IniciaSesion
            http_basic: ~
            provider: mysql_db_provider
            form_login:
                login_path: index
                check_path: /IniciaSesion/login_check
                failure_path: index

    access_control:
        - { path: ^/IniciaSesion, roles: ROLE_ADMIN }

Entity\Usuario.php (User Entity)

class Usuario implements UserInterface, \Serializable {

    /**
     * @var string
     */
    private $email;

    /**
     * @var string
     */
    private $contrasena;

    /**
     * @var \DateTime
     */
    private $fechaultimoacceso;

    /**
     * @var string
     */
    private $imagenperfil;

    /**
     * @var integer
     */
    private $id;

    /**
     * Set email
     *
     * @param string $email
     * @return Usuario
     */
    public function setEmail($email) {
        $this->email = $email;

        return $this;
    }

    /**
     * Get email
     *
     * @return string 
     */
    public function getEmail() {
        return $this->email;
    }

    /**
     * Set contrasena
     *
     * @param string $contrasena
     * @return Usuario
     */
    public function setContrasena($contrasena) {
        $this->contrasena = $contrasena;

        return $this;
    }

    /**
     * Get contrasena
     *
     * @return string 
     */
    public function getContrasena() {
        return $this->contrasena;
    }

    /**
     * Set fechaultimoacceso
     *
     * @param \DateTime $fechaultimoacceso
     * @return Usuario
     */
    public function setFechaultimoacceso($fechaultimoacceso) {
        $this->fechaultimoacceso = $fechaultimoacceso;

        return $this;
    }

    /**
     * Get fechaultimoacceso
     *
     * @return \DateTime 
     */
    public function getFechaultimoacceso() {
        return $this->fechaultimoacceso;
    }

    /**
     * Set imagenperfil
     *
     * @param string $imagenperfil
     * @return Usuario
     */
    public function setImagenperfil($imagenperfil) {
        $this->imagenperfil = $imagenperfil;

        return $this;
    }

    /**
     * Get imagenperfil
     *
     * @return string 
     */
    public function getImagenperfil() {
        return $this->imagenperfil;
    }

    /**
     * Get id
     *
     * @return integer 
     */
    public function getId() {
        return $this->id;
    }

    public function serialize() {
        return serialize(array(
            $this->id,
            $this->email,
            $this->contrasena,
                // see section on salt below
                // $this->salt,
        ));
    }

    public function unserialize($serialized) {
        list (
                $this->id,
                $this->email,
                $this->contrasena,
                // see section on salt below
                // $this->salt
                ) = unserialize($serialized);
    }

    public function eraseCredentials() {

    }

    public function getPassword() {
        return $this->contrasena;
    }

    public function getRoles() {
        return array('ROLE_ADMIN');
    }

    public function getSalt() {
        return null;
    }

    public function getUsername() {
        return $this->email;
    }

}

LoginAction inside SecurityController

...
    public function loginAction() {

        $authenticationUtils = $this->get('security.authentication_utils');

        // get the login error if there is one
        $error = $authenticationUtils->getLastAuthenticationError();

        // last username entered by the user
        $lastUsername = $authenticationUtils->getLastUsername();
        $repositorioUsuario = $this->getDoctrine()->getRepository('InterempleaBundle:Usuario');
        $usuario = $repositorioUsuario->loadUserByUsername($lastUsername);

        return $this->render(
            'InterempleaBundle:Usuario:panel_principal.html.twig', array(
                // last username entered by the user
                'last_username' => $usuario->getId(), // $id is private, so read it through the getter
                'error' => $error,
            )
        );
    }
...

I have doubts about the salt attribute inside the entity, but the tutorial says it has to be null.

What could be happening? Am I missing some step?

Feel free to ask for any other code or explanation.

Thanks in advance!

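1 answer:

Answer 0: (score: 2)

Following @Martin Rios's suggestion, I checked what was in the $encoded variable, and I realized that in the Symfony2 Tutorial the password field in the database is varchar(64), while I had binary(64). So I changed the data type of the password field, regenerated the entities with the Doctrine commands, cleared the cache, and it works fine!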
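
Why a binary column leads to this warning, as an added example that is not part of the original question or answer: Doctrine DBAL's binary type hands the stored value to PHP as a stream resource rather than a string, and that resource is what reaches password_verify(). The php://temp stream below is a constructed stand-in for the hydrated column value, hashToString() is a hypothetical helper, and password_hash() needs PHP 5.5 or later.

```php
<?php
// Added example: reproduces the type mismatch offline, without a database.

/**
 * Hypothetical helper: return the stored hash as a string, whether the
 * mapping layer produced a string (varchar) or a stream resource (binary).
 */
function hashToString($stored)
{
    if (is_resource($stored)) {
        rewind($stored);
        // MySQL BINARY(n) values are right-padded with 0x00 bytes; a bcrypt
        // hash never ends in 0x00, so stripping the padding is safe.
        return rtrim(stream_get_contents($stored), "\0");
    }

    return $stored;
}

// Constructed sample data: a bcrypt hash at the cost used in the question.
$raw  = 'correct horse battery staple';
$hash = password_hash($raw, PASSWORD_BCRYPT, array('cost' => 12));

// Stand-in for a binary(64) column: the 60-character hash padded to 64 bytes
// and exposed as a stream, as a binary-mapped field would be.
$stream = fopen('php://temp', 'r+b');
fwrite($stream, str_pad($hash, 64, "\0"));
rewind($stream);

// This is the kind of value password_verify() was given in the question.
var_dump(is_resource($stream));

// A bcrypt hash is 60 characters, so a string column of 64 holds it whole.
var_dump(strlen($hash));

// Once read back into a string, verification behaves normally.
var_dump(password_verify($raw, hashToString($stream)));
var_dump(password_verify('wrong password', hashToString($stream)));

fclose($stream);
```

Converting the resource in getPassword() would only mask the mapping problem; storing the hash in a string column, as the answer did, removes it.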