我大致按照 Symfony 的《Security》和《How to load Security Users from the Database》两篇文档操作,并做了一些小的自定义配置,但无法使用数据库中的用户登录!in_memory 用户可以正常登录!
这是我的security.yml:
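# Security configuration for the blog bundle: one encoder, a chained user
# provider (database first, then in-memory) and two firewalls.
jms_security_extra:
    secure_all_services: false
    expressions: true

security:
    encoders:
        # NOTE(review): `plaintext` means the password column holds, and is
        # compared against, the clear-text password. A database leak then
        # exposes every credential directly; a hashing encoder is the safer
        # choice once login works.
        # NOTE(review): Author::getSalt() returns a non-empty salt. Symfony's
        # plaintext encoder is understood to merge a non-empty salt into the
        # value it compares (as `password{salt}`), so a row storing only the
        # bare password would not match. Confirm against the installed version.
        NEWS\BlogBundle\Entity\Author: plaintext

    role_hierarchy:
        ROLE_ADMIN: ROLE_USER

    providers:
        # Providers are tried in the listed order: database users, then in_memory.
        chain_provider:
            chain:
                providers: [user_db, in_memory]
        user_db:
            entity: { class: NEWSBlogBundle:Author , property: username }
        in_memory:
            memory:
                users:
                    # NOTE(review): a fixed admin password kept in a config file
                    # ends up in version control and backups; keep it out of
                    # shared copies of this file and rotate it if it was real.
                    admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }

    firewalls:
        admin_area:
            pattern: ^/admin
            # HTTP Basic resends the credentials with every request, so this
            # area should only be reachable over HTTPS.
            http_basic: ~
        secured_area:
            pattern: ^/
            anonymous: ~
            form_login:
                login_path: /Login
                check_path: /login_check
                # These must match the `name` attributes of the inputs in the
                # login template (plain `username` / `password` on this page).
                username_parameter: username
                password_parameter: password
            logout:
                path: /logout
                target: /blog

    access_control:
        # Only these two prefixes are restricted; every other path under the
        # secured_area firewall stays open to anonymous visitors.
        - { path: ^/admin, roles: ROLE_ADMIN }
        - { path: ^/newpost, roles: ROLE_USER }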
还有我的 Author.php (User) 实体(我删除了函数注释以使其更短):
<?php
namespace NEWS\BlogBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
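/**
 * Author
 *
 * Doctrine entity that doubles as the security user for the blog. The security
 * component reads username, password, salt and roles from it, and the
 * account-status methods decide whether a login is allowed.
 */
class Author implements \Symfony\Component\Security\Core\User\AdvancedUserInterface, \Serializable
{
    /**
     * @var integer
     */
    private $id;

    /**
     * @var string
     */
    private $username;

    /**
     * @var string
     */
    private $password;

    /**
     * @var string
     */
    private $Name;

    /**
     * @var string
     */
    private $Surname;

    /**
     * @var string
     */
    private $salt;

    /**
     * @var boolean
     */
    private $isActive;

    /**
     * @var \NEWS\BlogBundle\Entity\Category
     */
    private $category;

    /**
     * @var \Doctrine\Common\Collections\Collection
     */
    private $posts;

    /**
     * Creates an active author with a fresh salt and an empty post collection.
     */
    public function __construct()
    {
        $this->isActive = true;

        // uniqid() is derived from the clock and is not a cryptographic source,
        // so use the CSPRNG when the runtime provides one. Both branches yield
        // 40 hex characters, so the stored column width does not change.
        $this->salt = function_exists('random_bytes')
            ? bin2hex(random_bytes(20))
            : sha1(uniqid('', true));

        // Without this, removePost() on a newly created author calls a method
        // on null, and addPost() silently turns the property into a plain array.
        $this->posts = new \Doctrine\Common\Collections\ArrayCollection();
    }

    /**
     * Get id
     *
     * @return integer
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * @param string $username
     *
     * @return Author
     */
    public function setUsername($username)
    {
        $this->username = $username;

        return $this;
    }

    /**
     * @return string
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * Stores the value exactly as given; nothing is hashed here, so the caller
     * decides what ends up in the password column.
     *
     * @param string $password
     *
     * @return Author
     */
    public function setPassword($password)
    {
        $this->password = $password;

        return $this;
    }

    /**
     * @return string
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * @param \NEWS\BlogBundle\Entity\Category|null $category
     *
     * @return Author
     */
    public function setCategory(\NEWS\BlogBundle\Entity\Category $category = null)
    {
        $this->category = $category;

        return $this;
    }

    /**
     * @return \NEWS\BlogBundle\Entity\Category
     */
    public function getCategory()
    {
        return $this->category;
    }

    /**
     * @param string $name
     *
     * @return Author
     */
    public function setName($name)
    {
        $this->Name = $name;

        return $this;
    }

    /**
     * @return string
     */
    public function getName()
    {
        return $this->Name;
    }

    /**
     * @param string $surname
     *
     * @return Author
     */
    public function setSurname($surname)
    {
        $this->Surname = $surname;

        return $this;
    }

    /**
     * @return string
     */
    public function getSurname()
    {
        return $this->Surname;
    }

    /**
     * @param string $salt
     *
     * @return Author
     */
    public function setSalt($salt)
    {
        $this->salt = $salt;

        return $this;
    }

    /**
     * Returns the per-user salt handed to the password encoder.
     *
     * NOTE(review): the security.yml on this page selects the `plaintext`
     * encoder for this class. That encoder is understood to fold a non-empty
     * salt into the value it compares (as `password{salt}`), so a row holding
     * only the bare password would be rejected. Confirm what is stored, and
     * prefer a hashing encoder over plaintext.
     *
     * @return string
     */
    public function getSalt()
    {
        return $this->salt;
    }

    /**
     * @param boolean $isActive
     *
     * @return Author
     */
    public function setIsActive($isActive)
    {
        $this->isActive = $isActive;

        return $this;
    }

    /**
     * @return boolean
     */
    public function getIsActive()
    {
        return $this->isActive;
    }

    /**
     * @return boolean always true; account expiry is not modelled yet
     */
    public function isAccountNonExpired()
    {
        // TODO: Implement isAccountNonExpired() method.
        return true;
    }

    /**
     * @return boolean always true; account locking is not modelled yet
     */
    public function isAccountNonLocked()
    {
        // TODO: Implement isAccountNonLocked() method.
        return true;
    }

    /**
     * @return boolean always true; credentials never expire
     */
    public function isCredentialsNonExpired()
    {
        return true;
    }

    /**
     * An author may log in only while the isActive flag is set.
     *
     * @return boolean
     */
    public function isEnabled()
    {
        return $this->isActive;
    }

    /**
     * Every database user receives ROLE_USER and nothing else; roles are not
     * read from the entity.
     *
     * @return array
     */
    public function getRoles()
    {
        return array('ROLE_USER');
    }

    /**
     * Intentionally empty: the entity keeps no temporary credential data.
     */
    public function eraseCredentials()
    {
        // TODO: Implement eraseCredentials() method.
    }

    /**
     * @param \NEWS\BlogBundle\Entity\Post $posts
     *
     * @return Author
     */
    public function addPost(\NEWS\BlogBundle\Entity\Post $posts)
    {
        $this->posts[] = $posts;

        return $this;
    }

    /**
     * @param \NEWS\BlogBundle\Entity\Post $posts
     */
    public function removePost(\NEWS\BlogBundle\Entity\Post $posts)
    {
        $this->posts->removeElement($posts);
    }

    /**
     * @return \Doctrine\Common\Collections\Collection
     */
    public function getPosts()
    {
        return $this->posts;
    }

    /**
     * Serializes only the id, which keeps the password and salt out of the
     * session payload.
     *
     * NOTE(review): every other field is therefore null on the restored object.
     * Confirm that the firewall's user refresh does not treat that object as
     * "changed" (username, password, salt and isActive are all null on it),
     * which would end the session on the request after login.
     *
     * @return string
     */
    public function serialize()
    {
        return serialize(array(
            $this->id,
        ));
    }

    /**
     * Restores the id written by serialize().
     *
     * NOTE(review): unserialize() is only safe on data this application wrote
     * itself (the server-side session). Never feed it a value a client can
     * influence.
     *
     * @param string $serialized
     */
    public function unserialize($serialized)
    {
        list (
            $this->id,
        ) = unserialize($serialized);
    }
}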
这是我的 Login.html.twig
{# src/NEWS/BlogBundle/Resources/views/Page/Login.html.twig #}
{# Login page: shows an optional flash notice, the last authentication error, and a username/password form posted to the login_check route. #}
{% extends 'NEWSBlogBundle::layout.html.twig' %}
{% block title %}Login Page{% endblock%}
{% block body %}
<header>
</header>
{% if app.session.hasFlash('blogger-notice') %}
<div class="blogger-notice">
{{ app.session.flash('blogger-notice') }}
</div>
{% endif %}
{# error.message and last_username are printed with {{ }}, so they rely on Twig output escaping being enabled for this template; confirm autoescape has not been switched off. #}
{% if error %}
<div>{{ error.message }}</div>
{% endif %}
{# The input names below must match username_parameter / password_parameter in the form_login configuration. #}
{# NOTE(review): the form carries no CSRF token field; if the form_login listener is configured to check one, the field has to be added here. #}
<form action="{{ path('login_check') }}" method="post">
<label for="username">Username:</label>
<input type="text" id="username" name="username" value="{{ last_username }}" />
<label for="password">Password:</label>
<input type="password" id="password" name="password" />
<button type="submit">Login</button>
</form>
{% endblock %}
登录控制器:
/**
 * Renders the login page with the last authentication error (if any) and the
 * username from the previous attempt.
 *
 * The error is looked up in the request attributes first; otherwise it is
 * taken from the session and removed there, so it is displayed only once.
 */
public function LoginAction()
{
    $request = $this->getRequest();
    $session = $request->getSession();
    $errorKey = SecurityContext::AUTHENTICATION_ERROR;

    if (!$request->attributes->has($errorKey)) {
        // No error on the request: read the one kept in the session and clear it.
        $error = $session->get($errorKey);
        $session->remove($errorKey);
    } else {
        $error = $request->attributes->get($errorKey);
    }

    $templateVars = array(
        // Username typed on the previous attempt, used to prefill the form.
        'last_username' => $session->get(SecurityContext::LAST_USERNAME),
        'error' => $error,
    );

    return $this->render('NEWSBlogBundle:Page:Login.html.twig', $templateVars);
}
以及构建登录表单的函数:
/**
 * Registers the username and password fields on the builder and returns the
 * form built from it.
 *
 * @param FormBuilderInterface $builder
 * @param array                $options
 */
public function buildForm(FormBuilderInterface $builder, array $options)
{
    $builder
        ->add('username', 'text')
        ->add('password', 'password');

    return $builder->getForm();
}
我已经尝试解决这个问题三天了,但没有成功!我真的很感激任何帮助!
我不知道是否也需要注册功能,我现在不包括它们,因为到目前为止问题已经足够长了!
PS:我的登录路径故意以大写字母开头;我知道我已经去掉了用户名/密码参数名中的“_”,我也试过把它们改回原来的形式,但仍然遇到同样的错误!