1

这是 app/logs/dev.log:

[2013-05-19 13:29:42] doctrine.DEBUG: SET NAMES UTF8 [] []
[2013-05-19 13:29:42] doctrine.DEBUG: SELECT t0.id AS id1, t0.username AS username2, t0.salt AS salt3, t0.password AS password4, t0.email AS email5, t0.is_active AS is_active6 FROM user t0 WHERE t0.username = ? LIMIT 1 ["administrator"] []
[2013-05-19 13:29:42] security.INFO: Authentication request failed: Bad credentials [] []

这是我创建并加载到 DB 的夹具:

class FixtureLoader implements FixtureInterface {
     public function load(ObjectManager $manager) {

          $role = new Role();
          $role->setName('Администратор');
          $role->setRole('ROLE_ADMIN');

          $manager->persist($role);

          $user = new User();
          $user->setUsername('administrator');
          $user->setEmail('admin@umahanov.com');
          $user->setSalt(md5(time()));
          $user->setIsActive(false);

          $encoder = new MessageDigestPasswordEncoder('sha512',true,10);
          $password = $encoder->encodePassword('111111', $user->getSalt());
          $user->setPassword($password);
          $user->getUserRoles()->add($role);
          $manager->persist($user);

          $manager->flush();  

     }
}

我的安全.yml

security:
    encoders:
      Umahanov\UserBundle\Entity\User:        
        algorithm: sha512
        encode-as-base64: true
        iterations: 10
    providers:
      main:
        entity: { class: UmahanovUserBundle:User, property: username}       
    firewalls:
        insecure:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/
            security: false
        secure_area:
            pattern:    ^/
            form_login:
                login_path:  /user/login
                check_path:  /user/login_check
            logout:
                path:   /user/logout
                target: /   
            anonymous: ~
    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
    access_control:
        - { path: ^/admin, role: ROLE_ADMIN}      
        - { path: ^/.*, role: IS_AUTHENTICATED_ANONYMOUSLY }

我有简单的实体 - 具有多对多关系的用户和角色

我的表格:

{% extends '::layout.html.twig' %}
{% block content %}
{% if error %}
<div> {{ error.message }}</div>
{% endif %}
<form action="{{ path('user_check_path')}}" method="post" novalidate="">
     <label for="username">Username:</label>
     <input type="text" id="username" name="_username" value="{{ last_username }}" />
     <label for="password">Password:</label>
     <input type="password" id="password" name="_password" />    
     <button type="submit">войти</button>
</form>
<p><a href="{{ path('user_register') }}">sign up here</a></p>
{% endblock %}

不知道为什么它显示错误的凭据。有人也可以解释一下,为什么在教义.DEBUG查询中没有密码比较

4

1 回答 1

4

问题在于密码字段的长度(VARCHAR(40))

SHA512 生成长度为 88 个符号的字符串

于 2013-05-19T09:41:15.993 回答