按照文档的做法,通过 Doctrine 和传统表单设置用户身份验证后,我遇到了一个奇怪的情况:创建用户时对密码的编码方式与登录校验时使用的方式不一致,因此我的用户实际上无法登录(提示“无效的凭据”错误)。但是,如果使用一些旧的哈希(来自早期项目)直接更新数据库,把所有密码都设置为“管理员”,这些账户就可以正常登录。不过这种方法显然不能长期使用。
security.yml
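# Symfony security configuration (nesting restored; the listing had lost its indentation).
security:
    providers:
        # Users are loaded from Doctrine by their "username" column.
        db_provider:
            entity:
                class: AppBundle:Felhasznalo
                property: username
    encoders:
        # bcrypt generates and embeds its own salt, and produces 60-character hashes.
        # The same encoder entry is used both when hashing a new password and when
        # checking a login, so both sides must see the stored hash unmodified.
        AppBundle\Entity\Felhasznalo:
            algorithm: bcrypt
    firewalls:
        default:
            # Every URL goes through this firewall and anonymous visitors are allowed;
            # which pages actually require a login depends on access rules not shown here.
            pattern: ^/
            provider: db_provider
            anonymous: true
            form_login:
                # The form is displayed and submitted on the same route.
                login_path: login
                check_path: login
                default_target_path: admin_home
            logout:
                path: logout
                target: /login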
FelhasznaloController(扩展UserController)
/**
 * Shows the user creation form and, on a valid submission, stores the new user.
 *
 * The submitted password is hashed with the "security.password_encoder" service
 * before the entity is flushed to the database.
 *
 * @param Request $request Current HTTP request, handed to the form.
 *
 * @return mixed Redirect to the "admin_felhasznalo_show" route after a successful
 *               save, otherwise an array with the entity and the form view.
 */
public function newAction(Request $request)
{
    $felhasznalo = new Felhasznalo();
    $form = $this->createForm('AppBundle\Form\FelhasznaloType', $felhasznalo);
    $form->handleRequest($request);

    // Nothing submitted yet, or validation failed: hand the form back for rendering.
    if (!$form->isSubmitted() || !$form->isValid()) {
        return array(
            'felhasznalo' => $felhasznalo,
            'form' => $form->createView(),
        );
    }

    $manager = $this->getDoctrine()->getManager();
    $manager->persist($felhasznalo);

    // getPassword() is passed as the raw value here, so the entity presumably still
    // holds the plain-text password set by the form; it is replaced by the hash
    // before flush() writes anything.
    // NOTE(review): if users created here cannot log in, compare the stored value with
    // a known-good bcrypt hash (60 characters) and confirm that no other code path
    // (form type, entity listener, parent controller) hashes or alters it again.
    $passwordEncoder = $this->container->get('security.password_encoder');
    $hash = $passwordEncoder->encodePassword($felhasznalo, $felhasznalo->getPassword());
    $felhasznalo->setPassword($hash);

    $manager->flush();

    $showUrl = $this->generateUrl('admin_felhasznalo_show', array('id' => $felhasznalo->getId()));

    return $this->redirect($showUrl);
}
SecurityController
/**
 * Renders the login form.
 *
 * The credential check itself is not done here; this action only displays the
 * last authentication error and the last submitted username, both read from
 * the "security.authentication_utils" service.
 *
 * @Route("/login", name="login")
 */
public function loginAction(Request $request)
{
    $utils = $this->get('security.authentication_utils');

    // Read the error first, then the username, as two separate lookups.
    $lastError = $utils->getLastAuthenticationError();
    $submittedName = $utils->getLastUsername();

    $templateVars = array(
        'last_username' => $submittedName,
        'error' => $lastError,
    );

    return $this->render('admin/security/login.html.twig', $templateVars);
}
Felhasznalo.php(用户实体)
namespace AppBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;
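/**
 * Felhasznalo
 *
 * User entity used by the security layer. It stores the login name and the
 * password hash, and defines how the user is serialized.
 *
 * NOTE(review): only the password- and serialization-related members appear in this
 * listing; the remaining accessors are presumably defined in the full file.
 *
 * @ORM\Table(name="felhasznalo")
 * @ORM\Entity(repositoryClass="AppBundle\Entity\FelhasznaloRepository")
 */
class Felhasznalo implements UserInterface, \Serializable
{
    /**
     * @var integer
     *
     * @ORM\Column(name="id", type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="IDENTITY")
     */
    private $id;

    /**
     * @var string
     *
     * @ORM\Column(name="username", type="string", length=100, nullable=false)
     */
    private $username;

    /**
     * Password hash as stored in the database.
     *
     * A bcrypt hash is 60 characters long and fits this column. A hash format that
     * produces longer output would need a wider column, since a shortened hash can
     * never verify.
     *
     * @var string
     *
     * @ORM\Column(name="password", type="string", length=64, nullable=false)
     */
    private $password;

    /**
     * Set password
     *
     * Stores the value as given; no hashing happens in this setter.
     *
     * @param string $password
     *
     * @return Felhasznalo
     */
    public function setPassword($password)
    {
        $this->password = $password;

        return $this;
    }

    /**
     * Get password
     *
     * @return string
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * Returns no salt: bcrypt generates its own salt and embeds it in the hash.
     *
     * @return null
     */
    public function getSalt()
    {
        // not needed for bcrypt encoding
        return null;
    }

    /**
     * Nothing to clear: the members shown here hold no separate plain-text password field.
     */
    public function eraseCredentials()
    {
    }

    /**
     * Serializes the id, username and password hash as a plain array.
     *
     * @see \Serializable::serialize()
     *
     * @return string
     */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->username,
            $this->password,
        ));
    }

    /**
     * Restores the id, username and password hash from a serialized payload.
     *
     * @see \Serializable::unserialize()
     *
     * @param string $serialized Payload produced by serialize().
     */
    public function unserialize($serialized)
    {
        // The payload is a plain array of scalars, so object instantiation is
        // disabled while decoding. The options argument only exists on PHP 7.0+,
        // hence the version check; older runtimes keep the original call.
        $fields = PHP_VERSION_ID >= 70000
            ? unserialize($serialized, array('allowed_classes' => false))
            : unserialize($serialized);

        list(
            $this->id,
            $this->username,
            $this->password
        ) = $fields;
    }
}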
有人能看出为什么编码/校验会失败吗?目前只有迁移过来的用户可以登录,他们的密码是直接在数据库中设置成同一个密码的。除此之外,通过表单创建用户的功能运行良好,只是生成的哈希无法使用。