所以我的代码非常简单,我在控制器中有一个登录表单,一个身份验证器和一个登录方法。
在我的身份验证器类中,当用户凭据错误时,我会存储会话中使用的电子邮件。请参阅下文(特别是getCredentials方法):
<?php
namespace AppBundle\Security;
use Psr\Log\LoggerInterface;
use Symfony\Component\Form\FormFactoryInterface;
use Symfony\Component\HttpFoundation\RedirectResponse;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Symfony\Component\Routing\RouterInterface;
use Symfony\Component\Security\Core\Authentication\Token\TokenInterface;
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
use Symfony\Component\Security\Core\Exception\AuthenticationException;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Guard\AbstractGuardAuthenticator;
use AppBundle\Form\LoginFormType;
class LoginFormAuthenticator extends AbstractGuardAuthenticator
{
private $passwordEncoder;
private $logger;
private $router;
private $formFactory;
public function __construct(FormFactoryInterface $formFactory, LoggerInterface $logger,UserPasswordEncoderInterface $passwordEncoder, RouterInterface $router)
{
$this->formFactory = $formFactory;
$this->router = $router;
$this->logger = $logger;
$this->passwordEncoder = $passwordEncoder;
}
public function supports(Request $request)
{
return ($request->getPathInfo() == '/login' && $request->isMethod('POST'));
}
public function getCredentials(Request $request)
{
$form = $this->formFactory->create(LoginFormType::class);
$form->handleRequest($request);
$data = $form->getData();
**$request->getSession()->set(
Security::LAST_USERNAME,
$data['email']
);**
$test = $request->getSession()->get(Security::LAST_USERNAME);
$this->logger->info('email : '.$test);
return $data;
}
public function getUser($credentials, UserProviderInterface $userProvider)
{
$email = $credentials['email'];
$this->logger->info('email getUser : '.$email);
if (null === $email) {
return;
}
return $userProvider->loadUserByUsername($email);
}
public function checkCredentials($credentials, UserInterface $user)
{
$plainPassword = $credentials['password'];
$encoder = $this->passwordEncoder;
if(!$encoder->isPasswordValid($user, $plainPassword)) {
return new Response('Password Invalid');
}
// return true to cause authentication success
return true;
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
{
// on success, let the request continue
return new Response("<html><head></head><body>SUCCESS</body></html>");
}
public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
{
$request->getSession()->set(Security::AUTHENTICATION_ERROR, $exception);
$request->getSession()->set(Security::LAST_USERNAME, $request->get('email'));
$response = new RedirectResponse($this->router->generate('security_login'));
}
/**
* Called when authentication is needed, but it's not sent
*/
public function start(Request $request, AuthenticationException $authException = null)
{
return new Response('Authentication Required');
}
public function supportsRememberMe()
{
return false;
}
}
到目前为止,电子邮件存储在会话中。 (参见getCredentials方法)。
但是,当从以下登录控制器访问时,存储在会话中的相同值为空:
/**
* @Route("/login", name="security_login")
*/
public function loginAction(Request $request, AuthenticationUtils $authUtils)
{
$error = $authUtils->getLastAuthenticationError();
$last_username = $authUtils->getLastUsername();
$logger->info('email in SESSION : '.$last_username);
$form = $this->createForm(LoginFormType::class,[
'email' => $last_username
]);
return $this->render('security/login.html.twig', [
'loginForm' => $form->createView(),
'error'=> $error
]);
}
它只是空的,所以我不确定这里发生了什么或者我做错了什么。
请告知。
谢谢!