我已经登录了自定义数据库查询的存储库,但它没有工作,但是没有进行数据库查询。使用Symfony 3
在提供商下的防火墙中:
providers:
in_memory:
memory: ~
database:
entity:
class: AppBundle:Customer
property: customer_email
encoders:
Symfony\Component\Security\Core\User\User:
algorithm: bcrypt
cost: 20
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login_firewall:
pattern: ^/login$
anonymous: ~
main:
pattern: ^/
# activate different ways to authenticate
provider: database
form_login:
login_path: /login
check_path: /login_check
csrf_token_generator: security.csrf.token_manager
target_path_parameter: /dashboard
always_use_default_target_path: true
# http_basic: ~
# http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate
# form_login: ~
# http://symfony.com/doc/current/cookbook/security/form_login_setup.html
logout:
path: /logout
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
role_hierarchy:
ROLE_ADMIN: [ROLE_USER]
带有查询的存储库:
<?php
# src/AppBundle/Entity/CustomerRepository.php
namespace AppBundle\Entity;
use Symfony\Bridge\Doctrine\Security\User\UserLoaderInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Doctrine\ORM\EntityRepository;
class CustomerRepository extends EntityRepository implements UserLoaderInterface
{
public function loadUserByUsername($email)
{
$user = $this->createQueryBuilder('c')
->where('c.customer_email = :email')
->setParameter('email', $email)
->getQuery()
->getOneOrNullResult();
if(null === $user)
{
$message = sprintf(
'Unable to find an active user AppBundle:User object identified by "%s".',
$email
);
throw new UsernameNotFoundException($message);
print_r('eac');
}
return $user;
}
}
但是,仍然调试器表示没有执行任何查询,它会抛出错误的无效登录详细信息。
答案 0 :(得分:1)
如果您在多个防火墙上检查Symfony docs,您将看到以下内容:
如果您使用多个防火墙并对一个防火墙进行身份验证,则不会自动对任何其他防火墙进行身份验证。不同的防火墙就像不同的安全系统。为此,您必须为不同的防火墙明确指定相同的防火墙上下文。但通常对于大多数应用程序来说,拥有一个主防火墙就足够了。
实际发生了什么,你在login_firewall
并尝试登录main
,这实际上应该无法正常工作。
这对我有什么帮助:
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
provider: database
anonymous: ~
form_login:
login_path: /login
check_path: /login
看到区别?我删除了整个login_firewall
部分,并将anonymous: ~
添加到main
防火墙部分。
现在,如果您正确配置access_control
部分,则无法匿名访问任何内容,/login
:
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: ROLE_USER }