当我提交登录表单失败时,为什么 symfony 没有显示消息错误?
我的安全配置:
security:
firewalls:
secure_area:
pattern: ^/
form_login:
login_path: bunga_core_user_login
check_path: bunga_core_user_check
use_forward: false
username_parameter: _username
password_parameter: _password
post_only: true
use_referer: true
logout:
path: bunga_core_user_logout
target: bunga_core
anonymous: ~
access_control:
- { path: ^/user/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/user/admin, roles: [ROLE_ADMIN] }
- { path: ^/, roles: [IS_AUTHENTICATED_ANONYMOUSLY] }
role_hierarchy:
ROLE_ADMIN: [ROLE_USER]
providers:
main:
entity:
class: BungaCoreBundle:User
property: username
encoders:
Bunga\CoreBundle\Entity\User:
algorithm: sha1
iterations: 1
encode_as_base64: false
用户控制器
<?php
namespace Bunga\CoreBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
use Sensio\Bundle\FrameworkExtraBundle\Configuration\Template;
use Symfony\Component\Security\Core\SecurityContext;
class UserController extends Controller
{
/**
* @Route("/login")
* @Template()
*/
public function loginAction()
{
$request = $this->getRequest();
$session = $request->getSession();
// get login error if any
if($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
$error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
} else {
$error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
$session->remove(SecurityContext::AUTHENTICATION_ERROR);
}
return array(
'lastUsername' => $session->get(SecurityContext::LAST_USERNAME),
'error' => $error
);
}
/**
* @Route("/admin")
* @Template()
*/
public function adminAction() {
return array();
}
}
我的实体:用户
<?php
namespace Bunga\CoreBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\Role\Role;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* User
*
* @ORM\Table()
* @ORM\Entity(repositoryClass="Bunga\CoreBundle\Entity\UserRepository")
*/
class User implements UserInterface
{
/**
* @var integer
*
* @ORM\Column(name="id", type="integer")
* @ORM\Id
* @ORM\GeneratedValue(strategy="AUTO")
*/
private $id;
/**
* @var string
*
* @ORM\Column(name="username", type="string", length=255, unique=true)
*/
private $username;
/**
* @var string
*
* @ORM\Column(name="password", type="string", length=64)
*/
private $password;
/**
* @var string
*
* @ORM\Column(name="role", type="string", length=64)
*/
private $role;
/**
* @var boolean
*
* @ORM\Column(name="isActive", type="boolean")
*/
private $isActive;
/**
* Returns the roles granted to the user.
*
* <code>
* public function getRoles()
* {
* return array('ROLE_USER');
* }
* </code>
*
* Alternatively, the roles might be stored on a ``roles`` property,
* and populated in any number of different ways when the user object
* is created.
*
* @return Role[] The user roles
*/
public function getRoles()
{
return array($this->getRole());
}
/**
* @return mixed
*/
public function getRole()
{
return $this->role;
}
/**
* @param mixed $role
*/
public function setRole($role)
{
$this->role = $role;
}
/**
* Returns the password used to authenticate the user.
*
* This should be the encoded password. On authentication, a plain-text
* password will be salted, encoded, and then compared to this value.
*
* @return string The password
*/
public function getPassword()
{
$this->password;
}
/**
* Set password
*
* @param string $password
*
* @return User
*/
public function setPassword($password)
{
$this->password = $password;
return $this;
}
/**
* Returns the salt that was originally used to encode the password.
*
* This can return null if the password was not encoded using a salt.
*
* @return string|null The salt
*/
public function getSalt()
{
return null;
}
/**
* Returns the username used to authenticate the user.
*
* @return string The username
*/
public function getUsername()
{
$this->username;
}
/**
* Set username
*
* @param string $username
*
* @return User
*/
public function setUsername($username)
{
$this->username = $username;
return $this;
}
/**
* Removes sensitive data from the user.
*
* This is important if, at any given point, sensitive information like
* the plain-text password is stored on this object.
*/
public function eraseCredentials()
{
}
/**
* Get id
*
* @return integer
*/
public function getId()
{
return $this->id;
}
/**
* Get isActive
*
* @return boolean
*/
public function getIsActive()
{
return $this->isActive;
}
/**
* Set isActive
*
* @param boolean $isActive
*
* @return User
*/
public function setIsActive($isActive)
{
$this->isActive = $isActive;
return $this;
}
}
UserController 的 Twig 模板:登录
{% block body %}
<h1 class="text-center">Login Form</h1>
{% if error %}
<div class="error">{{ error.message }}</div>
{% endif %}
<form action="{{ path('bunga_core_user_check') }}" method="post" role="form" class="form-horizontal">
<div class="form-group">
<label for="username" class="control-label col-xs-2">User</label>
<div class="col-xs-10">
<input class="form-control" type="text" id="username" name="_username" value="{{ lastUsername }}" />
</div>
</div>
<div class="form-group">
<label for="password" class="control-label col-xs-2">Password</label>
<div class="col-xs-10">
<input class="form-control" type="text" id="password" name="_password" />
</div>
</div>
{#
If you want to control the URL the user
is redirected to on success (more details below)
<input type="hidden" name="_target_path" value="/account" />
#}
<div class="form-group">
<div class="col-xs-10 col-xs-offset-2">
<button type="submit" class="btn btn-primary">login</button>
</div>
</div>
</form>
{% endblock %}