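Unable to log in using default authentication

Time: 2015-11-25 23:41:03

Tags: php symfony

I can't log in using the default Symfony login_check path.

I have the following record in the user table in the database: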

id | username | password                         | email | isActive | created             | roles
1  | test     | 098f6bcd4621d373cade4e832627b4f6 | NULL  | 1        | 2015-11-25 23:56:53 | ROLE_USER

I have generated the entity based on it. Now I have the following login form:

<form action="{{path('login_check')}}" method="post">
     <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
     <input type="text" class="form-control" name="login" placeholder="Username">
     <input type="password" class="form-control" name="password" placeholder="Password">
     <input type="submit" class="form-control">
</form>

Security file:

security:
    encoders:
        AppBundle\Entity\Users:
            id: custom.encoder

    providers:
        esaver_users:
            entity:
                class: AppBundle\Entity\User

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        admin_area:
            pattern: ^/
            http_basic: ~

            form_login:
                csrf_provider: form.csrf_provider
                csrf_parameter: _csrf_token
                provider: esaver_users
                check_path: /login_check
                login_path: /
                default_target_path: /
                always_use_default_target_path: true
                username_parameter: login
                password_parameter: password
            logout:
                path:   logout
                target: login

            anonymous: ~

#        default:
#            anonymous: ~

    access_control:
        - { path: ^/$, role: IS_AUTHENTICATED_ANONYMOUSLY}
        - { path: ^/test$, role: ROLE_USER }

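OK, so I created a /test route containing a die() call to see whether it works, but it doesn't: when I visit this route, I get redirected back to the main page.

What is the problem?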

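1 answer:

Answer 0: (score: 0)

Using your code I get too many redirects: ERR_TOO_MANY_REDIRECTS

You need to specify the property for the encoder ... and specify role_hierarchy ... and correct the path / form paths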

security:
    encoders:
        AppBundle\Entity\Users:
            id: custom.encoder

    role_hierarchy:
        ROLE_USER:       ROLE_VIEWER
        ROLE_ADMIN:       ROLE_USER

    providers:
        esaver_users:
            entity:
                class: AppBundle\Entity\User
                property: username

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/*
            security: false
        main:
            pattern: ^/
            http_basic: ~
            form_login:
                provider: esaver_users
                login_path: /login
                check_path: /login_check
                csrf_provider: form.csrf_provider
                csrf_parameter: _csrf_token
                default_target_path: /
                always_use_default_target_path: true
                username_parameter: login
                password_parameter: password
                use_referer: true
            logout:
                path: /logout
                target: /login
            security: true
            anonymous: true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/test, roles: [ROLE_USER] }
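
A small lint for the kinds of mistakes discussed in this thread, run against the question's config (an added example, not code from the question or the answer). The dict is a hand transcription of the question's security.yml and form, `required_roles` and `lint` are hypothetical helper names, and the encoder check compares class names only, so it cannot see inheritance.

```python
import re

# Hand transcription of the question's security.yml (constructed input, so no
# YAML parser is needed). Only the keys the checks read are kept.
QUESTION_CFG = {
    "encoders": {r"AppBundle\Entity\Users": {"id": "custom.encoder"}},
    "providers": {"esaver_users": {"entity": {"class": r"AppBundle\Entity\User"}}},
    "firewalls": {"admin_area": {"form_login": {
        "login_path": "/", "check_path": "/login_check",
        "username_parameter": "login", "password_parameter": "password"}}},
    "access_control": [
        {"path": "^/$", "role": "IS_AUTHENTICATED_ANONYMOUSLY"},
        {"path": "^/test$", "role": "ROLE_USER"}],
}
QUESTION_FORM_FIELDS = {"_csrf_token", "login", "password"}  # names in the <form>

def required_roles(cfg, path):
    """access_control is first-match-wins; return the roles of the first match."""
    for rule in cfg.get("access_control", []):
        if re.search(rule["path"], path):
            roles = rule.get("roles", rule.get("role", []))
            return [roles] if isinstance(roles, str) else list(roles)
    return []  # no rule matched: nothing required

def lint(cfg, form_fields):
    findings = []
    for name, prov in cfg["providers"].items():
        entity = prov.get("entity", {})
        if "property" not in entity:
            findings.append(f"provider {name}: entity has no 'property' to look users up by")
        if entity.get("class") not in cfg["encoders"]:
            findings.append(f"provider {name}: no encoder key equals {entity.get('class')}")
    for fw, conf in cfg["firewalls"].items():
        form_login = conf.get("form_login")
        if not form_login:
            continue
        roles = required_roles(cfg, form_login["login_path"])
        if any(r != "IS_AUTHENTICATED_ANONYMOUSLY" for r in roles):
            findings.append(f"firewall {fw}: login_path needs {roles}, which loops redirects")
        for key in ("username_parameter", "password_parameter"):
            if form_login[key] not in form_fields:
                findings.append(f"firewall {fw}: form has no input named {form_login[key]}")
    return findings

if __name__ == "__main__":
    for finding in lint(QUESTION_CFG, QUESTION_FORM_FIELDS):
        print("WARN", finding)
```

On the question's config this reports the missing `property` and the `Users` / `User` class-name mismatch; the login path and form field names pass.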