[英]Symfony 2.3 custom form login_check
I have successfully created a login system that checks a doctrine user entity class and authenticates successfully. 我已经成功创建了一个登录系统,用于检查doctrine用户实体类并成功进行身份验证。 This uses http_basic which is set in the firewalls block in:
这使用http_basic,它在防火墙块中设置:
app/config/security.yml 应用程序/配置/ security.yml
However I wish to use the form_login option and render my own custom login template. 但是,我希望使用form_login选项并呈现我自己的自定义登录模板。 Below is the app/config/security.yml after i made changes to use form login which renders my custom form:
在我使用表单登录进行更改之后,下面是app / config / security.yml,它会呈现我的自定义表单:
security:
encoders:
Brs\UserBundle\Entity\User:
algorithm: bcrypt
cost: 12
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
providers:
# in_memory:
# memory:
# users:
# user: { password: userpass, roles: [ 'ROLE_USER' ] }
# admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
administrators:
entity: { class: BrsUserBundle:User, property: fname }
firewalls:
login:
pattern: ^/admin/login$
anonymous: ~
admin_area:
pattern: ^/admin/
# http_basic: ~
form_login:
login_path: /admin/login
check_path: /admin/login_check
access_control:
- { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
Now my form template posts to the check_path defined under form_login in security.yml. 现在我的表单模板发布到security.yml中form_login下定义的check_path。
I have the 2 routes defined within the bundle in LoginBundle/config/routing.yml 我在LoginBundle / config / routing.yml中的bundle中定义了2个路由
admin:
path: /admin/login
defaults: { _controller: BrsLoginBundle:Login:index }
adminlogin:
path: /admin/login_check
defaults: { _controller: BrsLoginBundle:Login:loginCheck }
admin_hello:
path: /admin/hello
defaults: { _controller: BrsLoginBundle:Login:hello }
When i submit the form it will return me to the /admin/login/ url and i cannot seem to get this to authenticate. 当我提交表单时,它会将我返回到/ admin / login / url,我似乎无法通过此身份验证。
From my understanding in the LoginController.php the symfony 2 docs tell me to define the method loginCheckAction(), which is empty and returns nothing. 根据我在LoginController.php中的理解,symfony 2文档告诉我定义方法loginCheckAction(),该方法为空并且不返回任何内容。
If i am following this correctly the form posts to the login_check path and the security system should handle the authentication just like when I used http_basic. 如果我正确地遵循这个,表单发布到login_check路径,安全系统应该处理身份验证,就像我使用http_basic时一样。
I am baffled and I am currently reading the docs again to see if i have missed something silly. 我很困惑,我现在正在阅读文档,看看我是否错过了一些愚蠢的东西。
Any help would be greatly appreciated. 任何帮助将不胜感激。
Adam 亚当
EDIT* 编辑*
Here is the twig template that renders the form: 以下是呈现表单的twig模板:
{% extends 'BrsLoginBundle::layout.html.twig' %}
{% block body %}
<h1>{{ name }}</h1>
{% if error %}
<div>{{ error.messageKey|trans(error.messageData) }}</div>
{% endif %} {#{form_start(form,{ 'attr': {'novalidate': 'novalidate' }})}#}
<form action="{{ path('login_check')}}" method="post">
<input type="text" name="_username" />
<input type="password" name="_password" />
<button type="submit">Login</button>
</form>
{#{form_widget(form)}#}
{#{form_end(form)}#}
{% endblock %}
here is the controller 这是控制器
<?php
namespace Brs\LoginBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Response;
use Brs\LoginBundle\Form\Type\LoginType;
use Symfony\Component\Security\Core\SecurityContextInterface;
class LoginController extends Controller{
public function indexAction(Request $request){
$session = $request->getSession();
//instantiate the form type to use
//$login = new LoginType();
// create the form based on the type above
//$form = $this->createForm(new LoginType(), $login);
// this will tell me wether the form was submitted or not and handle the validation defined in bundle/resources/config/validation.yml
//$form->handleRequest($request);
//checks if the form is valid then we will execute what we want to next
//if($form->isValid()){
//do something if all validation test are passed
//}
var_dump($request->attributes->has(SecurityContextInterface::AUTHENTICATION_ERROR));
var_dump($session->has(SecurityContextInterface::AUTHENTICATION_ERROR));
var_dump(null !== $session);
$error = $session->get(SecurityContextInterface::AUTHENTICATION_ERROR);
$session->remove(SecurityContextInterface::AUTHENTICATION_ERROR);
//print_r($request->attributes->get(SecurityContextInterface::AUTHENTICATION_ERROR));
//print_r($session->get(SecurityContextInterface::AUTHENTICATION_ERROR));
//render the login template and pass the created form to it
return $this->render('BrsLoginBundle:Admin:login.html.twig',array(
'name'=>"Login",
'error'=>$error
//'form'=>$form->createView(),
));
}
public function hello(){
return new Response("i shoudlnt be able to see this");
}
public function loginCheckAction(){
}
}
?>
Here is the link to the documentation that I have been following: 这是我一直关注的文档的链接:
http://symfony.com/doc/2.3/cookbook/security/form_login_setup.html http://symfony.com/doc/2.3/cookbook/security/form_login_setup.html
EDIT* 编辑*
I have tailed the logs and this is Authenticating the user, However when it calls the login_check method , it then attempts to reload the user from the database but fails to find one. 我已经记录了日志,这是对用户进行身份验证,但是当它调用login_check方法时,它会尝试从数据库重新加载用户但是找不到用户。 so it starts the login procedure over again.
所以它再次启动登录过程。 The logs are in the link below:
日志位于以下链接中:
I suppose that error is there 我想那里有错误
access_control:
- { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
as to access /admin/*
routes you're telling to symfony that user has to be already authenticated. 至于你告诉symfony的访问
/admin/*
路由,用户必须已经过身份验证。 This control is done before /admin/login_check
starts his actions. 此控制在
/admin/login_check
开始其操作之前完成。
You should modify security.yml as follows 您应该如下修改security.yml
access_control:
- { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin/login_check, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
OP claims that after logout I can't login anymore. OP声称注销后我无法登录。 I suspect that his logic behind logout isn't good.
我怀疑他退出后的逻辑并不好。 If you take a look to his logs you can notice that, after second login attempt, Symfony2 reports
如果您查看他的日志,您会注意到,在第二次登录尝试后,Symfony2会报告
[2015-02-17 14:57:16] security.WARNING: Username "" could not be found.
[2015-02-17 14:57:16] security.WARNING:无法找到用户名“”。 [] []
[] []
like no username is passed to login_check action 喜欢没有用户名传递给login_check动作
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.