成功后,身份验证令牌未经过身份验证
我是Symfony 3.2的新成员。我需要实现表单身份验证。用户从数据库中提取。在post到/login onAuthenticationSuccess事件触发后,但令牌仍然是未经身份验证的:
我做错了什么?
security.yml
security:
encoders:
AppBundle\Entity\User:
algorithm: bcrypt
iterations: 10
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_DEVELOPER: ROLE_ADMIN
providers:
in_memory:
memory: ~
dvm_db_provider:
entity:
class: AppBundle:User
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
anonymous: true
pattern: ^/
guard:
authenticators: [dvm.authenticator]
form_login:
login_path: login
check_path: login
csrf_token_generator: security.csrf.token_manager
logout: ~
provider: dvm_db_provider
access_control:
user.php的
<?php
namespace AppBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use Doctrine\ORM\PersistentCollection;
use Symfony\Component\Security\Core\User\AdvancedUserInterface;
use Symfony\Component\Security\Core\User\EquatableInterface;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* User
*
* @ORM\Table(name="users")
* @ORM\Entity(repositoryClass="AppBundle\Repository\UserRepository")
*/
class User implements AdvancedUserInterface, \Serializable, EquatableInterface {
/**
* @var string
*
* @ORM\Column(name="id", type="guid")
* @ORM\Id
* @ORM\GeneratedValue(strategy="UUID")
*/
protected $id;
/**
* @var string
*
* @ORM\Column(name="surname", type="string", length=255)
*/
private $surname;
/**
* @var string
*
* @ORM\Column(name="name", type="string", length=255)
*/
private $name;
/**
* @var string
*
* @ORM\Column(name="patronymic", type="string", length=255, nullable=true)
*/
private $patronymic;
/**
* @var \DateTime
*
* @ORM\Column(name="birthday", type="date")
*/
private $birthday;
/**
* @var string
*
* @ORM\Column(name="gender", type="string", length=1)
*/
private $gender;
/**
* @var string
*
* @ORM\Column(name="avatar", type="string", length=255, unique=true)
*/
private $avatar;
/**
* @var string
*
* @ORM\Column(name="email", type="string", length=255, unique=true)
*/
private $email;
/**
* @var string
*/
private $plainPass;
/**
* @var string
*
* @ORM\Column(name="pass_hash", type="string", length=255)
*/
private $passHash;
/**
* @var bool
*
* @ORM\Column(name="is_active", type="boolean")
*/
private $isActive;
/**
* @var PersistentCollection
*
* @ORM\ManyToMany(targetEntity="AppBundle\Entity\Role")
* @ORM\JoinTable(name="users_roles", joinColumns={@ORM\JoinColumn(name="user_id", referencedColumnName="id")},
* inverseJoinColumns={@ORM\JoinColumn(name="role_id", referencedColumnName="id")})
*/
private $roles;
/**
* @return string
*/
public function getPlainPass() {
return $this->plainPass;
}
/**
* @param string $plainPass
*/
public function setPlainPass($plainPass) {
$this->plainPass = $plainPass;
$this->passHash = password_hash($this->plainPass, PASSWORD_BCRYPT);
}
public function eraseCredentials() {
$this->setPlainPass('');
}
/**
* Get id
*
* @return int
*/
public function getId() {
return $this->id;
}
/**
* Get surname
*
* @return string
*/
public function getSurname() {
return $this->surname;
}
/**
* Set surname
*
* @param string $surname
*
* @return User
*/
public function setSurname($surname) {
$this->surname = $surname;
return $this;
}
/**
* Get name
*
* @return string
*/
public function getName() {
return $this->name;
}
/**
* Set name
*
* @param string $name
*
* @return User
*/
public function setName($name) {
$this->name = $name;
return $this;
}
/**
* Get patronymic
*
* @return string
*/
public function getPatronymic() {
return $this->patronymic;
}
/**
* Set patronymic
*
* @param string $patronymic
*
* @return User
*/
public function setPatronymic($patronymic) {
$this->patronymic = $patronymic;
return $this;
}
/**
* Get birthday
*
* @return \DateTime
*/
public function getBirthday() {
return $this->birthday;
}
/**
* Set birthday
*
* @param \DateTime $birthday
*
* @return User
*/
public function setBirthday($birthday) {
$this->birthday = $birthday;
return $this;
}
/**
* Get gender
*
* @return string
*/
public function getGender() {
return $this->gender;
}
/**
* Set gender
*
* @param string $gender
*
* @return User
*/
public function setGender($gender) {
$this->gender = $gender;
return $this;
}
/**
* Get avatar
*
* @return string
*/
public function getAvatar() {
return $this->avatar;
}
/**
* Set avatar
*
* @param string $avatar
*
* @return User
*/
public function setAvatar($avatar) {
$this->avatar = $avatar;
return $this;
}
/**
* Get email
*
* @return string
*/
public function getEmail() {
return $this->email;
}
/**
* Set email
*
* @param string $email
*
* @return User
*/
public function setEmail($email) {
$this->email = $email;
return $this;
}
/**
* Set isActive
*
* @param boolean $isActive
*
* @return User
*/
public function setIsBlocked($isActive) {
$this->isActive = $isActive;
return $this;
}
public function serialize() {
return serialize([$this->id, $this->name, $this->surname, $this->patronymic, $this->getPassword(), $this->isActive, $this->email]);
}
public function getPassword() {
return $this->getPassHash();
}
/**
* @return string
*/
public function getPassHash() {
return $this->passHash;
}
public function getSalt() {
return null;
}
public function unserialize($serialized) {
list($this->id, $this->name, $this->surname, $this->patronymic, $this->passHash, $this->isActive, $this->email)
= unserialize($serialized);
}
public function isAccountNonExpired() {
return true;
}
public function isAccountNonLocked() {
return true;
}
public function isCredentialsNonExpired() {
return true;
}
public function isEqualTo(UserInterface $user) {
return $this->getUsername() === $user->getUsername()
&& $this->getPassword() === $user->getPassword();
}
public function getUsername() {
return $this->email;
}
/**
* @return array
*/
public function getRoles() {
$rolesArray = [];
/* @var $role Role */
foreach ($this->roles->toArray() as $role) $rolesArray[] = $role->getName();
return $rolesArray;
}
/**
* @param array $roles
*/
public function setRoles($roles) {
$this->roles = $roles;
}
public function isEnabled() {
return $this->getIsActive();
}
/**
* Get isActive
*
* @return bool
*/
public function getIsActive() {
return $this->isActive;
}
public function setPassword($pass) {
$this->setPlainPass($pass);
}
}
Authenticator.php
class Authenticator extends AbstractGuardAuthenticator {
public function getCredentials(Request $request) {
if ($request->getPathInfo() != '/login' || !$request->isMethod('POST')) return null;
return ['u' => $request->get('_username'), 'p' => $request->get('_password')];
}
public function getUser($credentials, UserProviderInterface $userProvider) {
if (!$credentials['u']) return null;
return $userProvider->loadUserByUsername($credentials['u']);
}
public function checkCredentials($credentials, UserInterface $user) {
if (!password_verify($credentials['p'], $user->getPassword())) {
dump([$credentials['p'], $user->getPassword()], password_verify($credentials['p'], $user->getPassword()));
die;
}
if (!$credentials['p']) return null;
return password_verify($credentials['p'], $user->getPassword());
}
public function onAuthenticationFailure(Request $request, AuthenticationException $exception) {
dump(__FUNCTION__);
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey) {
dump(__FUNCTION__);
$token->setAuthenticated(true);
}
public function supportsRememberMe() {
return false;
}
public function start(Request $request, AuthenticationException $authException = null) {
return new RedirectResponse('/login');
}
}
Security_log
[2017-05-26 09:38:03] security.DEBUG: Read existing security token from the session. {"key":"_security_main"} []
[2017-05-26 09:38:03] security.DEBUG: User was reloaded from a user provider. {"username":"...@mail.ru","provider":"Symfony\\Bridge\\Doctrine\\Security\\User\\EntityUserProvider"} []
[2017-05-26 09:38:03] security.DEBUG: Checking for guard authentication credentials. {"firewall_key":"main","authenticators":1} []
[2017-05-26 09:38:03] security.DEBUG: Calling getCredentials() on guard configurator. {"firewall_key":"main","authenticator":"AppBundle\\Security\\DvmAuthenticator"} []
[2017-05-26 09:38:03] security.DEBUG: Passing guard token information to the GuardAuthenticationProvider {"firewall_key":"main","authenticator":"AppBundle\\Security\\DvmAuthenticator"} []
[2017-05-26 09:38:03] security.INFO: Guard authentication successful! {"token":"[object] (Symfony\\Component\\Security\\Guard\\Token\\PostAuthenticationGuardToken: PostAuthenticationGuardToken(user=\"....@mail.ru\", authenticated=true, roles=\"ROLE_DEVELOPER\"))","authenticator":"AppBundle\\Security\\DvmAuthenticator"} []
[2017-05-26 09:38:03] security.DEBUG: Guard authenticator set success response. {"response":"[object] (Symfony\\Component\\HttpFoundation\\RedirectResponse: HTTP/1.0 302 Found\r\nCache-Control: no-cache, private\r\nDate: Thu, 25 May 2017 23:38:03 GMT\r\nLocation: /\r\n\r\n<!DOCTYPE html>\n<html>\n <head>\n <meta charset=\"UTF-8\" />\n <meta http-equiv=\"refresh\" content=\"1;url=/\" />\n\n <title>Redirecting to /</title>\n </head>\n <body>\n Redirecting to <a href=\"/\">/</a>.\n </body>\n</html>)","authenticator":"AppBundle\\Security\\DvmAuthenticator"} []
[2017-05-26 09:38:03] security.DEBUG: Remember me skipped: it is not configured for the firewall. {"authenticator":"AppBundle\\Security\\DvmAuthenticator"} []
[2017-05-26 09:38:03] security.DEBUG: The "AppBundle\Security\DvmAuthenticator" authenticator set the response. Any later authenticator will not be called {"authenticator":"AppBundle\\Security\\DvmAuthenticator"} []
[2017-05-26 09:38:03] security.DEBUG: Stored the security token in the session. {"key":"_security_main"} []
[2017-05-26 09:38:04] security.DEBUG: Read existing security token from the session. {"key":"_security_main"} []
[2017-05-26 09:38:04] security.DEBUG: User was reloaded from a user provider. {"username":"...@mail.ru","provider":"Symfony\\Bridge\\Doctrine\\Security\\User\\EntityUserProvider"} []
[2017-05-26 09:38:04] security.DEBUG: Checking for guard authentication credentials. {"firewall_key":"main","authenticators":1} []
[2017-05-26 09:38:04] security.DEBUG: Calling getCredentials() on guard configurator. {"firewall_key":"main","authenticator":"AppBundle\\Security\\DvmAuthenticator"} []
[2017-05-26 09:38:04] security.DEBUG: Stored the security token in the session. {"key":"_security_main"} []
[2017-05-26 09:41:56] security.DEBUG: Read existing security token from the session. {"key":"_security_main"} []
2 个答案:
答案 0 :(得分:0)
onAuthenticationSuccess只返回null。
坚持本教程:http://symfony.com/doc/current/security/guard_authentication.html
答案 1 :(得分:0)
我想这个函数正在解决身份验证问题,因为在你的情况下返回false。
public function isEqualTo(UserInterface $user) {
return $this->getUsername() === $user->getUsername()
&& $this->getPassword() === $user->getPassword();
}
请尝试比较id。
public function isEqualTo(UserInterface $user)
{
return $this->id === $user->getId();
}
相关问题
最新问题
- 我写了这段代码,但我无法理解我的错误
- 我无法从一个代码实例的列表中删除 None 值,但我可以在另一个实例中。为什么它适用于一个细分市场而不适用于另一个细分市场?
- 是否有可能使 loadstring 不可能等于打印?卢阿
- java中的random.expovariate()
- Appscript 通过会议在 Google 日历中发送电子邮件和创建活动
- 为什么我的 Onclick 箭头功能在 React 中不起作用?
- 在此代码中是否有使用“this”的替代方法?
- 在 SQL Server 和 PostgreSQL 上查询,我如何从第一个表获得第二个表的可视化
- 每千个数字得到
- 更新了城市边界 KML 文件的来源?