Symfony身份验证始终返回“无效凭据”

时间:2020-01-02 19:49:06

标签: php symfony authentication

我正在尝试使用Symfony进行身份验证。不幸的是,无论尝试如何,我都会一遍又一遍地收到错误消息“ Invalid Credentials ”。

我读过其他文章,但都没有派上用场,这可能是什么原因以及如何解决?

我试图修改getUsername()以返回电子邮件而不是用户名,但这没用。我检查了我的注册过程,确保自己的哈希正确无误,并用普通密码转储了password_verify的结果,并且一个来自数据库(这是事实)等等。

我相信我做错了事。

security.yml: 

security:
    role_hierarchy:

    encoders:
        AppBundle\Entity\User: bcrypt

    # https://symfony.com/doc/current/security.html#b-configuring-how-users-are-loaded
    providers:
        db_provider:
            entity:
                class: AppBundle\Entity\User
                property: email

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            pattern: ^/
            provider: db_provider
            anonymous: ~
            form_login:
                username_parameter: _email
                check_path: security_login
                login_path: security_login
                default_target_path: homepage
                always_use_default_target_path: true
                csrf_token_generator: security.csrf.token_manager

            logout:
                path: security_logout
                target: security_login

    access_control:
        # this is a catch-all for the admin area
        # addition security lices in the controllers
        # - { path: '^/(%locale%)/admin', roles: ROLE_ADMIN
        # - { path: '^/ucp', roles: [IS_AUTHENTICATED_FULLY] }

login.html.twig 

<form name="authenticate" action="{{ path('security_login') }}" method="post" class="loginForm" id="loginForm">
    <div class="form-group">
        <input type="email" class="form-control" name="_email" value="{{ last_username }}" id="email" placeholder="Имейл адрес"/>
    </div>
    <div class="form-group">
        <input type="password" class="form-control" name=_password" id="password" placeholder="Парола"/>
    </div>
    <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
    <div class="text-center"><button type="submit" id="loginButton">Log in</button></div>
</form>

UserService 

class UserService implements UserServiceInterface
{
    private $encryptionService;
    private $entityManager;

    public function __construct(UserPasswordEncoderInterface $encryptionService,
                                EntityManagerInterface $entityManager)
    {
        $this->encryptionService = $encryptionService;
        $this->entityManager = $entityManager;
    }

    public function save(User $user): Response
    {
        $passwordHash = $this->encryptionService->encodePassword($user, $user->getPassword());
        $user->setPassword($passwordHash);

        $this->entityManager->persist($user);
        $this->entityManager->flush();

        return new Response();
    }
}

2 个答案:

答案 0 :(得分:1)

哦,天哪,我已经解决了...不幸的是,这是一个令人尴尬的错误...我刚错过了密码名属性的第一个引号,它是name = _password“

答案 1 :(得分:0)

您可以使用 UserPasswordEncoderInterface 来对您的密码进行明确的哈希处理:

.....
use Symfony\Component\Security\Core\Encoder\UserPasswordEncoderInterface;
......

class UserService implements UserServiceInterface
{
    private $userPasswordEncoderInterface;
    private $entityManager;

    public function __construct(
      UserPasswordEncoderInterface $userPasswordEncoderInterface,
      EntityManagerInterface $entityManager)
    {
        $this->userPasswordEncoderInterface = $userPasswordEncoderInterface;
        $this->entityManager = $entityManager;
    }

    public function save(User $user): Response
    {
        $passwordHash = $this->userPasswordEncoderInterface->encodePassword($user, $user->getPassword());
        $user->setPassword($passwordHash);

        $this->entityManager->persist($user);
        $this->entityManager->flush();

        return new Response('password encoded');
    }
}

您可以在此链接中查看更多信息:handle register form

相关问题
最新问题