[英]Symfony2 Login authentication
I know that it is a common thing but I can't find what mistake I'm doing and I'm getting crazy. 我知道这是常见的事情,但我找不到我正在做的错误,我变得疯狂。
I can't login by a login form, when I submit the form, it returns to itself without error and not authenticated. 我无法通过登录表单登录,当我提交表单时,它会自行返回并且没有经过身份验证。
Thanks in advance! 提前致谢!
Here is my security.yml 这是我的security.yml
security:
encoders:
Symfony\Component\Security\Core\User\User: plaintext
#Cityincheck\AppBundle\Entity\User:
#algorithm: bcrypt
#cost: 12
role_hierarchy:
ROLE_ADMIN: ROLE_USER
providers:
in_memory:
memory:
users:
ryan:
password: ryanpass
roles: 'ROLE_USER'
admin:
password: kitten
roles: 'ROLE_ADMIN'
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
login_firewall:
pattern: ^/login$
anonymous: ~
admin_area:
pattern: ^/*
form_login:
check_path: /login_check
login_path: /login
provider: in_memory
default_target_path: /admin
logout:
path: admin_logout
target: admin_login
#anonymous: ~
#http_basic:
# realm: "Secured Demo Area"
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
My routing.yml 我的routing.yml
admin_login:
path: /login
defaults: { _controller: AppBundle:AccessControl:login }
admin_login_check:
path: /login_check
And my controller: 而我的控制器:
class AccessControlController extends Controller
{
public function loginAction(Request $request)
{
$session = $request->getSession();
// get the login error if there is one
if ($request->attributes->has(SecurityContextInterface::AUTHENTICATION_ERROR)) {
$error = $request->attributes->get(
SecurityContextInterface::AUTHENTICATION_ERROR
);
} elseif (null !== $session && $session->has(SecurityContextInterface::AUTHENTICATION_ERROR)) {
$error = $session->get(SecurityContextInterface::AUTHENTICATION_ERROR);
$session->remove(SecurityContextInterface::AUTHENTICATION_ERROR);
} else {
$error = null;
}
// last username entered by the user
$lastUsername = (null === $session) ? '' : $session->get(SecurityContextInterface::LAST_USERNAME);
return $this->render(
'AppBundle::login.html.twig',
array(
// last username entered by the user
'last_username' => $lastUsername,
'error' => $error,
)
);
}
}
The problem is in your security.yml. 问题出在你的security.yml中。 When somebody send form, browser sent HTTP request to /login_check to check login and password. 当有人发送表单时,浏览器向/ login_check发送HTTP请求以检查登录名和密码。 But app don't allow to do it as user are not authenticated. 但是应用程序不允许这样做,因为用户未经过身份验证。 You must add '/login_check' to access_control 您必须将'/ login_check'添加到access_control
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/login_check, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
Or that 或者那个
access_control:
- { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ROLE_ADMIN }
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.