我已使用“安全指南”制作了登录表单。当我尝试登录时,我的日志如下:
2019-06-10 10:16:56] security.INFO: User has been authenticated successfully. {"username":"user@example.com"} []
[2019-06-10 10:16:56] security.DEBUG: Stored the security token in the session. {"key":"_security_main"} []
[2019-06-10 10:16:56] request.INFO: Matched route "app_user_dashboard". {"route":"app_user_dashboard","route_parameters":{"_route":"app_user_dashboard","_controller":"App\\Controller\\User\\UserController::dashboard"},"request_uri":"https://127.0.0.1:8001/app/dashboard","method":"GET"} []
[2019-06-10 10:16:56] security.DEBUG: Read existing security token from the session. {"key":"_security_main","token_class":"Symfony\\Component\\Security\\Core\\Authentication\\Token\\UsernamePasswordToken"} []
[2019-06-10 10:16:57] doctrine.DEBUG: SELECT t0.id AS id_1, t0.password AS password_2, t0.email AS email_3, t0.first_name AS first_name_4, t0.last_name AS last_name_5, t0.username AS username_6, t0.referral_code AS referral_code_7, t0.referred_by_code AS referred_by_code_8, t0.roles AS roles_9, t0.active_to AS active_to_10, t0.created_at AS created_at_11, t0.updated_at AS updated_at_12 FROM users t0 WHERE t0.id = ? [15] []
[2019-06-10 10:16:57] security.DEBUG: Cannot refresh token because user has changed. {"username":"user@example.com","provider":"Symfony\\Bridge\\Doctrine\\Security\\User\\EntityUserProvider"} []
[2019-06-10 10:16:57] security.DEBUG: Token was deauthenticated after trying to refresh it. [] []
,我也使用EquatableInterface
。我的User.php
代码:
namespace App\Entity\User;
use DateTime;
use Doctrine\ORM\Mapping as ORM;
use Exception;
use Serializable;
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity;
use Symfony\Component\Security\Core\User\EquatableInterface;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* Class User
*
* @ORM\Table(name="users")
* @ORM\Entity(repositoryClass="App\Repository\User\UserRepository")
* @ORM\HasLifecycleCallbacks
*
* @ORM\Entity
* @UniqueEntity(fields="username", message="username taken")
* @UniqueEntity(fields="email", message="email taken")
*/
class User implements UserInterface, Serializable, EquatableInterface
{
/**
* @var int
*
* @ORM\Column(type="integer")
* @ORM\Id
* @ORM\GeneratedValue(strategy="AUTO")
*/
private $id;
/**
* @var string
*
* @ORM\Column(type="string", length=256)
*/
private $password;
/**
* @var string
*
* @ORM\Column(type="string", length=64, unique=true)
*/
private $email;
/**
* @var string|null
*
* @ORM\Column(type="string", length=64, nullable=true)
*/
private $firstName;
/**
* @var string|null
*
* @ORM\Column(type="string", length=64, nullable=true)
*/
private $lastName;
/**
* @var string
*
* @ORM\Column(type="string", length=64, unique=true)
*/
private $username;
/**
* @var string
*
* @ORM\Column(type="string", length=64, unique=true)
*/
private $referralCode;
/**
* @var string|null
*
* @ORM\Column(type="string", length=64, nullable=true)
*/
private $referredByCode;
/**
* @var array
*
* @ORM\Column(type="array", length=64)
*/
private $roles;
/**
* @var DateTime
*
* @ORM\Column(type="datetime")
*/
private $activeTo;
/**
* @var DateTime
*
* @ORM\Column(type="datetime")
*/
private $createdAt;
/**
* @var DateTime
*
* @ORM\Column(type="datetime", nullable=true)
*/
private $updatedAt;
/**
* User constructor.
*
* @throws Exception
*/
public function __construct()
{
$this->createdAt = new DateTime();
$this->updatedAt = new DateTime();
$this->activeTo = new DateTime('now + 14 days');
$this->referralCode = substr(hash('sha256', uniqid()), 0, 5);
}
/**
* @return string
*/
public function __toString()
{
return $this->getUsername();
}
/**
* @return int
*/
public function getId(): int
{
return $this->id;
}
/**
* @param string $username
*/
public function setUsername(string $username): void
{
$this->username = $username;
}
/**
* @return string
*/
public function getUsername(): ?string
{
return $this->username;
}
/**
* @return null|string
*/
public function getSalt(): ?string
{
// you *may* need a real salt depending on your encoder
// see section on salt below
return null;
}
/**
* @return string
*/
public function getPassword(): ?string
{
return $this->password;
}
/**
* @param string $password
*/
public function setPassword(string $password)
{
$this->password = $password;
}
/**
* @return array
*/
public function getRoles(): array
{
// return $this->roles;
return ['ROLE_USER', 'ROLE_API_USER'];
}
/**
*
*/
public function eraseCredentials()
{
}
/**
* @see Serializable::serialize()
*/
public function serialize()
{
return serialize(array($this->id, $this->email));
}
/**
* @see Serializable::unserialize()
*
* @param $serialized
*/
public function unserialize($serialized)
{
list ($this->id, $this->email) = unserialize($serialized, array('allowed_classes' => false));
}
/**
* @return string
*/
public function getEmail(): ?string
{
return $this->email;
}
/**
* @param string $email
*/
public function setEmail(string $email): void
{
$this->email = $email;
}
/**
* @return DateTime
*/
public function getCreatedAt(): DateTime
{
return $this->createdAt;
}
/**
* @ORM\PrePersist
*
* @throws Exception
*/
public function setCreatedAt(): void
{
$this->createdAt = new DateTime();
}
/**
* @return DateTime
*/
public function getUpdatedAt(): DateTime
{
return $this->updatedAt;
}
/**
* @ORM\PreUpdate
*
* @throws Exception
*/
public function setUpdatedAt(): void
{
$this->updatedAt = new DateTime();
}
/**
* @return DateTime
*/
public function getActiveTo(): DateTime
{
return $this->activeTo;
}
/**
* @param DateTime $activeTo
*/
public function setActiveTo(DateTime $activeTo): void
{
$this->activeTo = $activeTo;
}
/**
* @return string
*/
public function getReferralCode(): string
{
return $this->referralCode;
}
/**
* @param string $referralCode
*/
public function setReferralCode(string $referralCode): void
{
$this->referralCode = $referralCode;
}
/**
* @return string|null
*/
public function getReferredByCode():? string
{
return $this->referredByCode;
}
/**
* @param string|null $referredByCode
*/
public function setReferredByCode(?string $referredByCode): void
{
$this->referredByCode = $referredByCode;
}
/**
* @return string|null
*/
public function getFirstName(): ?string
{
return $this->firstName;
}
/**
* @param string|null $firstName
*/
public function setFirstName(?string $firstName): void
{
$this->firstName = $firstName;
}
/**
* @return string|null
*/
public function getLastName(): ?string
{
return $this->lastName;
}
/**
* @param string|null $lastName
*/
public function setLastName(?string $lastName): void
{
$this->lastName = $lastName;
}
/**
* @param array $roles
*/
public function setRoles(array $roles): void
{
$this->roles = $roles;
}
/**
* The equality comparison should neither be done by referential equality
* nor by comparing identities (i.e. getId() === getId()).
*
* However, you do not need to compare every attribute, but only those that
* are relevant for assessing whether re-authentication is required.
*
* @param UserInterface $user
*
* @return bool
*/
public function isEqualTo(UserInterface $user)
{
if ($this->username !== $user->getUsername()) {
return false;
}
return true;
}
}
和security.yaml
encoders:
App\Entity\User\User:
algorithm: auto
providers:
user_provider:
entity:
class: App\Entity\User\User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
http_basic: ~
anonymous: true
# logout_on_user_change: true
provider: user_provider
form_login:
login_path: app_user_login
check_path: app_user_login
default_target_path: app_user_dashboard
csrf_token_generator: security.csrf.token_manager
logout:
path: /app/logout
target: /app/login
# activate different ways to authenticate
# http_basic: true
# https://symfony.com/doc/current/security.html#a-configuring-how-your-users-will-authenticate
# form_login: true
# https://symfony.com/doc/current/security/form_login_setup.html
# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
- { path: ^/app/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/app/register, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/app, roles: IS_AUTHENTICATED_FULLY }
我将此帖子设为红色:Token was deauthenticated after trying to refresh it,该解决方案对我不起作用。有什么想法吗?
答案 0 :(得分:1)
您在这里有2个选项:
User
中更新您的序列化我指的是https://symfony.com/doc/current/security/user_provider.html#understanding-how-users-are-refreshed-from-the-session,因为我有同样的问题。
第一个解决方案:
firewalls:
# ...
main:
http_basic: ~
anonymous: true
stateless: true
这应该使Symfony忽略您的序列化,而只是从数据库中重新加载整个实体。
第二个解决方案:
class User implements UserInterface, Serializable, EquatableInterface
{
public function serialize()
{
return serialize(array(
$this->id,
$this->password,
$this->email,
$this->username,
$this->activeTo,
));
}
public function unserialize($serialized)
{
list (
$this->id,
$this->password,
$this->email,
$this->username,
$this->activeTo,
) = unserialize($serialized, array('allowed_classes' => false));
}
}
您应该在任何user_checker
类(或默认类)中保留Symfony可能需要的任何信息。