Symfony2登录验证

Question

I know that it is a common thing but I can't find what mistake I'm doing and I'm getting crazy. 我知道这是常见的事情，但我找不到我正在做的错误，我变得疯狂。

I can't login by a login form, when I submit the form, it returns to itself without error and not authenticated. 我无法通过登录表单登录，当我提交表单时，它会自行返回并且没有经过身份验证。

Thanks in advance! 提前致谢！

Here is my security.yml 这是我的security.yml

security:
     encoders:
         Symfony\Component\Security\Core\User\User: plaintext
         #Cityincheck\AppBundle\Entity\User:
             #algorithm: bcrypt
             #cost: 12

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER

providers:
    in_memory:
        memory:
            users:
                ryan:
                    password: ryanpass
                    roles: 'ROLE_USER'
                admin:
                    password: kitten
                    roles: 'ROLE_ADMIN'

firewalls:
    dev:
        pattern:  ^/(_(profiler|wdt)|css|images|js)/
        security: false

    login_firewall:
        pattern:   ^/login$
        anonymous: ~
    admin_area:
        pattern:    ^/*
        form_login:
            check_path: /login_check
            login_path: /login
            provider: in_memory
            default_target_path: /admin
        logout:
            path:   admin_logout
            target: admin_login
        #anonymous: ~
        #http_basic:
        #    realm: "Secured Demo Area"

access_control:
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin, roles: ROLE_ADMIN }

My routing.yml 我的routing.yml

admin_login:
    path: /login
    defaults: { _controller: AppBundle:AccessControl:login }

admin_login_check:
    path: /login_check

And my controller: 而我的控制器：

class AccessControlController extends Controller
{

public function loginAction(Request $request)
{
    $session = $request->getSession();

    // get the login error if there is one
    if ($request->attributes->has(SecurityContextInterface::AUTHENTICATION_ERROR)) {
        $error = $request->attributes->get(
            SecurityContextInterface::AUTHENTICATION_ERROR
        );
    } elseif (null !== $session && $session->has(SecurityContextInterface::AUTHENTICATION_ERROR)) {
        $error = $session->get(SecurityContextInterface::AUTHENTICATION_ERROR);
        $session->remove(SecurityContextInterface::AUTHENTICATION_ERROR);
    } else {
        $error = null;
    }

    // last username entered by the user
    $lastUsername = (null === $session) ? '' : $session->get(SecurityContextInterface::LAST_USERNAME);

    return $this->render(
        'AppBundle::login.html.twig',
        array(
            // last username entered by the user
            'last_username' => $lastUsername,
            'error'         => $error,
        )
    );
}
}

Answer 1

The problem is in your security.yml. 问题出在你的security.yml中。 When somebody send form, browser sent HTTP request to /login_check to check login and password. 当有人发送表单时，浏览器向/ login_check发送HTTP请求以检查登录名和密码。 But app don't allow to do it as user are not authenticated. 但是应用程序不允许这样做，因为用户未经过身份验证。 You must add '/login_check' to access_control 您必须将'/ login_check'添加到access_control

access_control:
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/login_check, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin, roles: ROLE_ADMIN }

Or that 或者那个

access_control:
    - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/admin, roles: ROLE_ADMIN }

Symfony2登录验证

问题描述

1 个解决方案

解决方案1
0 2015-11-16 12:54:12

Symfony2登录验证

问题描述

1 个解决方案

解决方案1 0 2015-11-16 12:54:12

解决方案1
0 2015-11-16 12:54:12