Symfony 3 - 自定义用户提供程序 - 登录始终显示“错误凭据”而不是“未找到用户名”

时间:2016-12-29 00:56:58

标签: login symfony credentials

我正在开发symfony 3中的第一个项目。我实现了一个自定义用户提供程序,如symfony文档中所述。登录工作正常,但当我输入不存在的用户时,我总是收到错误消息“bad credentials”。我希望显示在usernamenotfound exeption中声明的消息,但它不起作用。如果我在我的security.yml中添加“hide_user_not_found:false”,我会收到消息“找不到用户名”,但我想在我的代码中显示消息(用户名“%s”不存在。)。我还想实现CustomUserMessageAuthenticationException,但那是问题的第二部分。我希望有人可以帮助我!这是代码......谢谢!!!

代码与此处完全相同:http://symfony.com/doc/current/security/custom_provider.html

文件:src / AppBundle / Security / User / WebserviceUser.php 

namespace AppBundle\Security\User;

use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\EquatableInterface;

class WebserviceUser implements UserInterface, EquatableInterface
{
    private $username;
    private $password;
    private $salt;
    private $roles;

    public function __construct($username, $password, $salt, array $roles)
    {
        $this->username = $username;
        $this->password = $password;
        $this->salt = $salt;
        $this->roles = $roles;
    }

    public function getRoles()
    {
        return $this->roles;
    }

    public function getPassword()
    {
        return $this->password;
    }

    public function getSalt()
    {
        return $this->salt;
    }

    public function getUsername()
    {
        return $this->username;
    }

    public function eraseCredentials()
    {
    }

    public function isEqualTo(UserInterface $user)
    {
        if (!$user instanceof WebserviceUser) {
            return false;
        }

        if ($this->password !== $user->getPassword()) {
            return false;
        }

        if ($this->salt !== $user->getSalt()) {
            return false;
        }

        if ($this->username !== $user->getUsername()) {
            return false;
        }

        return true;
    }
}

文件:src / AppBundle / Security / User / WebserviceUserProvider.php 

namespace AppBundle\Security\User;

use AppBundle\Security\User\WebserviceUser;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;

class WebserviceUserProvider implements UserProviderInterface
{
    public function loadUserByUsername($username)
    {
        // make a call to your webservice here
        $userData = ...
        // pretend it returns an array on success, false if there is no user

        if ($userData) {
            $password = '...';

            // ...

            return new WebserviceUser($username, $password, $salt, $roles);
        }

        throw new UsernameNotFoundException(
            sprintf('Username "%s" does not exist.', $username)
        );
    }

    public function refreshUser(UserInterface $user)
    {
        if (!$user instanceof WebserviceUser) {
            throw new UnsupportedUserException(
                sprintf('Instances of "%s" are not supported.', get_class($user))
            );
        }

        return $this->loadUserByUsername($user->getUsername());
    }

    public function supportsClass($class)
    {
        return WebserviceUser::class === $class;
    }
}

文件:src \ AppBundle \ Controller \ SecurityController.php 

namespace AppBundle\Controller;



use AppBundle\Controller\BaseController;
use Symfony\Component\HttpFoundation\Request;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use AppBundle\Security\User\WebserviceUser;


class SecurityController extends BaseController
{
    /**
     * @Route("/login", name="login")
     */

        public function loginAction(Request $request)
    {

        $authenticationUtils = $this->get('security.authentication_utils');



        // get the login error if there is one
        $error = $authenticationUtils->getLastAuthenticationError();

        // last username entered by the user
        $lastUsername = $authenticationUtils->getLastUsername();

        return $this->render('security/login.html.twig', array(
            'last_username' => $lastUsername,
            'error'         => $error
        ));
    }


}

文件:app \ Resources \ views \ security \ login.html.twig 

{% extends 'base.html.twig' %}

{% block body %}



    <div class="wrapper fullscreen">

        <div class="image_full">

        </div>
        <div class="small_content">
            <a href="" class="logo_small"></a>






            <form action="{{ path('login') }}" method="post">

                {% if error %}
                    <p class="text-danger text-center">{{ error.messageKey|trans(error.messageData, 'security') }}</p>
                {% endif %}

                <div class="form-group">
                    <label for="exampleInputEmail1">Email-Adresse</label>
                    <input type="email" class="form-control" id="exampleInputEmail1" placeholder="Email" name="_username" value="{{ last_username }}">
                </div>
                <div class="form-group">
                    <label for="exampleInputPassword1">Passwort</label>
                    <input type="password" class="form-control" id="exampleInputPassword1" placeholder="Passwort" name="_password">
                </div>

                <div class="col-md-6 left">
                    <button type="submit" class="btn btn-default green btn_full">Anmelden</button>
                    <!--<a class="btn btn-default green btn_full" href="">Anmelden</a>-->
                </div>
                <div class="col-md-6 right">
                    <a class="btn btn-default green btn_full" href="{{ path('register') }}">Registrieren</a>
                </div>
                <!--<button type="submit" class="btn btn-default green btn_full">Einloggen</button>-->

            </form>
        </div>
    </div>



{% endblock %}

文件:app \ config \ security.yml 

# To get started with security, check out the documentation:
# http://symfony.com/doc/current/book/security.html
security:

    # http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
    providers:
        #in_memory:
            #memory: ~
        webservice:
                    id: app.webservice_user_provider

    hide_user_not_found:  false
    #erase_credentials:    true
    firewalls:
        # disables authentication for assets and the profiler, adapt it according to your needs
        #dev:
           # pattern: ^/(_(profiler|wdt)|css|images|js)/
           # security: false

        main:
            anonymous: ~
            form_login:
                login_path: login
                check_path: login
            logout:
                path:   /logout
                target: /
            # activate different ways to authenticate

            # http_basic: ~
            # http://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate

            # form_login: ~
            # http://symfony.com/doc/current/cookbook/security/form_login_setup.html

    encoders:
            AppBundle\Security\User\WebserviceUser: plaintext

1 个答案:

答案 0 :(得分:1)

我知道有两种方法可以更改Bad credentials.错误消息:

1)

# AppBundle/Resources/translations/messages.en.yml:
# or you can put this in app/Resources/translations/message.en.yml - has the same effect
"Bad credentials.": "Your custom error message here."

# app/Resources/Security/login.html.twig
...
{% if error %}
    <div class="error">{{ error.message|trans }}</div>
{% endif %}

# app/config/config.yml, where %locale%, in this case, is set to "en"
framework:
    translator: { fallback: "%locale%" }

2)

# login.html.twig
{% if error %}
    <div>
    {{ error.message|replace({"Bad credentials.":"Your custom error message here."}) }}
    </div>
{% endif %}

您可以尝试其中一种,看看哪种适合您的需要。

相关问题
最新问题