简体   繁体   English

Symfony 2.3自定义表单login_check

[英]Symfony 2.3 custom form login_check

I have successfully created a login system that checks a doctrine user entity class and authenticates successfully. 我已经成功创建了一个登录系统,用于检查doctrine用户实体类并成功进行身份验证。 This uses http_basic which is set in the firewalls block in: 这使用http_basic,它在防火墙块中设置:

app/config/security.yml 应用程序/配置/ security.yml

However I wish to use the form_login option and render my own custom login template. 但是,我希望使用form_login选项并呈现我自己的自定义登录模板。 Below is the app/config/security.yml after i made changes to use form login which renders my custom form: 在我使用表单登录进行更改之后,下面是app / config / security.yml,它会呈现我的自定义表单:

security:
encoders:
    Brs\UserBundle\Entity\User:
        algorithm: bcrypt
        cost: 12

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

providers:
    # in_memory:
    #     memory:
    #         users:
    #             user:  { password: userpass, roles: [ 'ROLE_USER' ] }
    #             admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
    administrators:
        entity: { class: BrsUserBundle:User, property: fname }

firewalls:
    login: 
        pattern: ^/admin/login$
        anonymous: ~
    admin_area:
        pattern: ^/admin/
        # http_basic: ~
        form_login:
            login_path: /admin/login
            check_path: /admin/login_check

access_control:
    - { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin, roles: ROLE_ADMIN }

Now my form template posts to the check_path defined under form_login in security.yml. 现在我的表单模板发布到security.yml中form_login下定义的check_path。

I have the 2 routes defined within the bundle in LoginBundle/config/routing.yml 我在LoginBundle / config / routing.yml中的bundle中定义了2个路由

admin:
    path: /admin/login
    defaults: { _controller: BrsLoginBundle:Login:index }

adminlogin:
    path: /admin/login_check
    defaults: { _controller: BrsLoginBundle:Login:loginCheck }

admin_hello:
    path: /admin/hello
    defaults: { _controller: BrsLoginBundle:Login:hello }

When i submit the form it will return me to the /admin/login/ url and i cannot seem to get this to authenticate. 当我提交表单时,它会将我返回到/ admin / login / url,我似乎无法通过此身份验证。

From my understanding in the LoginController.php the symfony 2 docs tell me to define the method loginCheckAction(), which is empty and returns nothing. 根据我在LoginController.php中的理解,symfony 2文档告诉我定义方法loginCheckAction(),该方法为空并且不返回任何内容。

If i am following this correctly the form posts to the login_check path and the security system should handle the authentication just like when I used http_basic. 如果我正确地遵循这个,表单发布到login_check路径,安全系统应该处理身份验证,就像我使用http_basic时一样。

I am baffled and I am currently reading the docs again to see if i have missed something silly. 我很困惑,我现在正在阅读文档,看看我是否错过了一些愚蠢的东西。

Any help would be greatly appreciated. 任何帮助将不胜感激。

Adam 亚当

EDIT* 编辑*

Here is the twig template that renders the form: 以下是呈现表单的twig模板:

    {% extends 'BrsLoginBundle::layout.html.twig' %}

{% block body %}
       <h1>{{ name }}</h1>
{% if error %}
    <div>{{ error.messageKey|trans(error.messageData) }}</div>
{% endif %}       {#{form_start(form,{ 'attr': {'novalidate': 'novalidate' }})}#}
       <form action="{{ path('login_check')}}" method="post">
       <input type="text" name="_username" />
       <input type="password" name="_password" />
       <button type="submit">Login</button>
       </form>
       {#{form_widget(form)}#}
       {#{form_end(form)}#}
{% endblock %}

here is the controller 这是控制器

<?php
    namespace Brs\LoginBundle\Controller;

    use Symfony\Bundle\FrameworkBundle\Controller\Controller;
    use Symfony\Component\HttpFoundation\Request;
    use Symfony\Component\HttpFoundation\Response;
    use Brs\LoginBundle\Form\Type\LoginType;
    use Symfony\Component\Security\Core\SecurityContextInterface;


    class LoginController extends Controller{

        public function indexAction(Request $request){
            $session = $request->getSession();
            //instantiate the form type to use
            //$login = new LoginType();
            // create the form based on the type above
            //$form = $this->createForm(new LoginType(), $login);
            // this will tell me wether the form was submitted or not and handle the validation defined in bundle/resources/config/validation.yml
            //$form->handleRequest($request);
            //checks if the form is valid then we will execute what we want to next
            //if($form->isValid()){
                //do something if all validation test are passed        
            //} 
            var_dump($request->attributes->has(SecurityContextInterface::AUTHENTICATION_ERROR));
            var_dump($session->has(SecurityContextInterface::AUTHENTICATION_ERROR));
            var_dump(null !== $session);

            $error = $session->get(SecurityContextInterface::AUTHENTICATION_ERROR);
            $session->remove(SecurityContextInterface::AUTHENTICATION_ERROR);   
            //print_r($request->attributes->get(SecurityContextInterface::AUTHENTICATION_ERROR));
            //print_r($session->get(SecurityContextInterface::AUTHENTICATION_ERROR));
            //render the login template and pass the created form to it
            return $this->render('BrsLoginBundle:Admin:login.html.twig',array(
                'name'=>"Login",
                'error'=>$error
                //'form'=>$form->createView(),
            ));
        }

        public function hello(){
            return new Response("i shoudlnt be able to see this");
        }

        public function loginCheckAction(){

        }
    }
?>  

Here is the link to the documentation that I have been following: 这是我一直关注的文档的链接:

http://symfony.com/doc/2.3/cookbook/security/form_login_setup.html http://symfony.com/doc/2.3/cookbook/security/form_login_setup.html

EDIT* 编辑*

I have tailed the logs and this is Authenticating the user, However when it calls the login_check method , it then attempts to reload the user from the database but fails to find one. 我已经记录了日志,这是对用户进行身份验证,但是当它调用login_check方法时,它会尝试从数据库重新加载用户但是找不到用户。 so it starts the login procedure over again. 所以它再次启动登录过程。 The logs are in the link below: 日志位于以下链接中:

http://pastebin.com/sfTCNJS7 http://pastebin.com/sfTCNJS7

I suppose that error is there 我想那里有错误

access_control:
    - { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin, roles: ROLE_ADMIN }

as to access /admin/* routes you're telling to symfony that user has to be already authenticated. 至于你告诉symfony的访问/admin/*路由,用户必须已经过身份验证。 This control is done before /admin/login_check starts his actions. 此控制在/admin/login_check开始其操作之前完成。

You should modify security.yml as follows 您应该如下修改security.yml

access_control:
    - { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin/login_check, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin, roles: ROLE_ADMIN }

EDIT 编辑

OP claims that after logout I can't login anymore. OP声称注销后我无法登录。 I suspect that his logic behind logout isn't good. 我怀疑他退出后的逻辑并不好。 If you take a look to his logs you can notice that, after second login attempt, Symfony2 reports 如果您查看他的日志,您会注意到,在第二次登录尝试后,Symfony2会报告

[2015-02-17 14:57:16] security.WARNING: Username "" could not be found. [2015-02-17 14:57:16] security.WARNING:无法找到用户名“”。 [] [] [] []

like no username is passed to login_check action 喜欢没有用户名传递给login_check动作

声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.

 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM