Symfony安全登录-不执行查询

时间:2018-07-23 08:31:39

标签: symfony login doctrine-orm

在我的项目中实施Symfony的安全功能时遇到了麻烦。我已经配置了Security.yaml并创建了securityController,我的User类实现了userInterface,从我在文档上看到的东西我什么都没错过。我的表单可以正常显示,并且可以输入我的用户名和密码,但是当我提交有效的凭据时,它只会刷新页面。 Profiler显示未进行任何SQL查询,尽管我配置了authenticationUtils来显示错误(根据文档中的教程),但未显示任何内容。

Security.yaml

security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
# NOTE(review): as pasted, the keys below sit at column 0; in a working
# security.yaml they are expected to be nested under `security:` - confirm
# against the real file.
# NOTE(review): sha256 is a fast general-purpose digest, not a dedicated
# password hash. An adaptive algorithm such as bcrypt or argon2i is the
# safer encoder choice for stored passwords.
encoders:
    App\Entity\User: sha256
providers:
    in_memory: { memory: ~ }
    # Loads users from the database through the User entity, looked up by
    # the `username` property.
    main_db_provider:
        entity:
            class: App\Entity\User
            property: username

firewalls:
    # Profiler, web debug toolbar and static assets bypass security.
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    main:
        # anonymous: true
        # NOTE(review): ^/$ matches only the exact path "/". The login_path
        # and check_path route ("login") is outside this pattern, so this
        # firewall's form_login settings do not apply to requests for it.
        pattern: ^/$ #test
        form_login:
            login_path: login
            check_path: login
            # With CSRF protection enabled the login form has to submit a
            # valid token; the template is not shown here - verify it does.
            csrf_token_generator: security.csrf.token_manager
            provider: main_db_provider

        # activate different ways to authenticate

        # http_basic: true
        # https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate

        # form_login: true
        # https://symfony.com/doc/current/security/form_login_setup.html

# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
# NOTE(review): every rule below is commented out, so no path-based role
# requirement is configured in this file.
access_control:
    # - { path: ^/admin, roles: ROLE_ADMIN }
    # - { path: ^/$, roles: ROLE_USER }

安全控制器

<?php
// src/Controller/SecurityController.php
namespace App\Controller;

use App\Entity\User;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\Routing\Annotation\Route;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;

class SecurityController extends Controller
{
    /**
     * Renders the login form.
     *
     * This action performs no credential check itself: it only reads the
     * last authentication error and the last submitted username from
     * AuthenticationUtils and passes both to the template. Verifying the
     * submitted credentials is presumably left to the firewall's form_login
     * handling, so that must cover this route for a login to happen.
     *
     * @Route("/login", name="login")
     */
    public function login(Request $request, AuthenticationUtils $authenticationUtils)
    {
        // Fetch the error first, then the username, matching the usual read order.
        $lastError = $authenticationUtils->getLastAuthenticationError();

        $viewData = [
            'last_username' => $authenticationUtils->getLastUsername(),
            'error'         => $lastError,
        ];

        return $this->render('ad-lotto-theme/login.html.twig', $viewData);
    }
}

用户类

<?php

namespace App\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Security\Core\User\UserInterface;

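/**
 * Application user entity used by the security layer.
 *
 * Stores the credentials (username, password hash, salt) plus a few profile
 * fields, and is serialized into the session between requests.
 *
 * @ORM\Entity(repositoryClass="App\Repository\UserRepository")
 * @UniqueEntity("email", message="This email is already in use.")
 * @UniqueEntity("username", message="This username is already in use")
 */
class User implements UserInterface, \Serializable
{
    // Persisted roles string. getRoles() below does not read this column.
    /**
     * @ORM\Column(name="roles",type="string", length=255)
     */
    private $roles;

    // NOTE(review): one hard-coded salt shared by every account gives none of
    // the protection of a per-user salt, since identical passwords produce
    // identical hashes. With an encoder that manages its own salt (bcrypt,
    // argon2i) this column is unnecessary and getSalt() can return null.
    /**
     * @ORM\Column(name="salt",type="string", length=255)
     */
    private $salt = "saltyboye";

    /**
     * @ORM\Id()
     * @ORM\GeneratedValue()
     * @ORM\Column(type="integer")
     */
    private $id;

    /**
     * @ORM\Column(name="username",type="string", length=255, unique=true)
     */
    private $username;

    // Holds the encoded password, never the plain-text one.
    /**
     * @ORM\Column(name = "password", type="string", length=255)
     */
    private $password;

    /**
     * @ORM\Column(name="email", type="string", length=255, unique=true)
     */
    private $email;

    /**
     * @ORM\Column(type="datetime")
     */
    private $registeredOn;

    /**
     * @ORM\Column(type="integer", nullable=true)
     */
    private $referrer;

    /**
     * @ORM\Column(type="smallint")
     */
    private $entries;

    /**
     * @ORM\Column(type="string", length=3)
     */
    private $currency;

    /**
     * Packs the fields needed to restore the user from the session.
     *
     * The element order must match unserialize() exactly. Only the identity
     * and credential fields are stored; the DateTime in $registeredOn is left
     * out because unserialize() refuses to rebuild objects.
     *
     * @see \Serializable::serialize()
     */
    public function serialize()
    {
        return serialize([
            $this->id,
            $this->username,
            $this->password,
            $this->salt,
        ]);
    }

    /**
     * Restores the fields written by serialize(), in the same order.
     *
     * allowed_classes=false stops the payload from instantiating any object,
     * so a tampered session value cannot trigger object injection here.
     *
     * @see \Serializable::unserialize()
     */
    public function unserialize($serialized)
    {
        [
            $this->id,
            $this->username,
            $this->password,
            $this->salt,
        ] = unserialize($serialized, ['allowed_classes' => false]);
    }

    /**
     * Nothing to clear: this entity keeps no plain-text password field.
     */
    public function eraseCredentials()
    {
    }

    /**
     * Returns the roles granted to the user.
     *
     * NOTE(review): every user gets ROLE_USER; the persisted $roles column is
     * not consulted. Confirm this is intended before adding privileged roles.
     */
    public function getRoles()
    {
        return ['ROLE_USER'];
    }

    /**
     * Returns the salt handed to the password encoder.
     */
    public function getSalt()
    {
        return $this->salt;
    }

    public function getId()
    {
        return $this->id;
    }

    public function getUsername(): ?string
    {
        return $this->username;
    }

    public function setUsername(string $username): self
    {
        $this->username = $username;

        return $this;
    }

    /**
     * Returns the encoded password as stored in the database.
     */
    public function getPassword(): ?string
    {
        return $this->password;
    }

    /**
     * Stores the given value as the password, unchanged.
     *
     * Callers must pass the already encoded password; no encoding is done here.
     */
    public function setPassword(string $password): self
    {
        $this->password = $password;

        return $this;
    }

    public function getEmail(): ?string
    {
        return $this->email;
    }

    public function setEmail(string $email): self
    {
        $this->email = $email;

        return $this;
    }

    public function getRegisteredOn(): ?\DateTimeInterface
    {
        return $this->registeredOn;
    }

    public function setRegisteredOn(\DateTimeInterface $registeredOn): self
    {
        $this->registeredOn = $registeredOn;

        return $this;
    }

    /**
     * Returns the referrer value, or null when none is set.
     *
     * The return type matches the nullable integer column and the ?int setter.
     */
    public function getReferrer(): ?int
    {
        return $this->referrer;
    }

    public function setReferrer(?int $referrer): self
    {
        $this->referrer = $referrer;

        return $this;
    }

    /**
     * Returns the entries value; typed int to match the smallint column
     * (a bool type would collapse any non-zero value to true).
     */
    public function getEntries(): ?int
    {
        return $this->entries;
    }

    public function setEntries(int $entries): self
    {
        $this->entries = $entries;

        return $this;
    }

    /**
     * Sets the currency code; typed string to match the 3-character column
     * (a bool type would turn a code such as "USD" into true).
     */
    public function setCurrency(string $currency): self
    {
        $this->currency = $currency;

        return $this;
    }

    public function getCurrency(): ?string
    {
        return $this->currency;
    }
}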

盐是暂时的,不用担心:)我还没有弄清楚如何实现SHA256,但是我需要在db中填写字段:)

1 个答案:

答案 0 :(得分:0)

我假设您遵循此官方教程:How to Build a Traditional Login Form

首先,由于正则表达式 ^/$,您的防火墙只覆盖 1 个 URI(即 /),因此登录表单和其他路由都不在该防火墙之下。

尝试从头到尾按照教程中的指示进行操作,确保一切正常,然后进行更改。