
Symfony2 Login bad credentials

Hello guys, I have been trying to put a login system together and, after multiple different tries, I am still getting the "Bad credentials" message. I suspect it has something to do with my encoding not matching; I have unhashed the passwords so that they are stored in the database exactly as the user would type them, and I still get this message.

User.php:

<?php

namespace Simple\ProfileBundle\Entity;

use Symfony\Component\Security\Core\User\UserInterface;
use Doctrine\ORM\Mapping as ORM;

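/**
 * Doctrine-mapped account entity handed to the Symfony security layer.
 *
 * The security component reads the username, stored password and salt from
 * this object when it checks a login attempt.
 *
 * @ORM\Entity
 * @ORM\Table(name="users")
 */
class User implements UserInterface
{
    /**
     * Surrogate primary key, generated by the database.
     *
     * @ORM\Id
     * @ORM\Column(type="integer")
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    protected $id;

    /**
     * Login name; note that the database column is called "user".
     *
     * @ORM\Column(name="user", type="string", length=255)
     */
    protected $username;

    /**
     * Stored credential, persisted exactly as passed to setPassword().
     *
     * @ORM\Column(name="password", type="string", length=255)
     */
    protected $password;

    /**
     * Per-user salt, generated once in the constructor.
     *
     * @ORM\Column(name="salt", type="string", length=255)
     */
    protected $salt;

    /**
     * Role entities linked through the user_role join table.
     *
     * @ORM\ManyToMany(targetEntity="Role")
     * @ORM\JoinTable(name="user_role",
     *     joinColumns={@ORM\JoinColumn(name="user_id", referencedColumnName="id")},
     *     inverseJoinColumns={@ORM\JoinColumn(name="role_id", referencedColumnName="id")}
     * )
     */
    protected $roles;

    /**
     * Constructor
     *
     * Starts with an empty role collection and a fresh salt.
     */
    public function __construct()
    {
        $this->roles = new \Doctrine\Common\Collections\ArrayCollection();
        // uniqid() is time-derived rather than a CSPRNG; that is acceptable here
        // only because a salt has to be unique per user, not secret.
        // An empty-string prefix replaces null, which newer PHP versions deprecate.
        $this->salt = sha1(uniqid('', true));
    }

    /**
     * Get id
     *
     * @return integer
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * @inheritDoc
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * Set username
     *
     * @param string $username
     * @return User
     */
    public function setUsername($username)
    {
        $this->username = $username;

        return $this;
    }

    /**
     * Set user
     *
     * Alias of setUsername(). The mapped property is $username (column
     * "user"); writing to an undeclared $user property would leave the
     * persisted login name untouched.
     *
     * @param string $user
     * @return User
     */
    public function setUser($user)
    {
        $this->username = $user;

        return $this;
    }

    /**
     * Get user
     *
     * Alias of getUsername(); reads the mapped $username property.
     *
     * @return string
     */
    public function getUser()
    {
        return $this->username;
    }

    /**
     * @inheritDoc
     */
    public function getSalt()
    {
        return $this->salt;
    }

    /**
     * Set salt
     *
     * @param string $salt
     * @return User
     */
    public function setSalt($salt)
    {
        $this->salt = $salt;

        return $this;
    }

    /**
     * @inheritDoc
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * Set password
     *
     * The value is stored as given; no hashing happens in this class.
     * NOTE(review): the caller presumably has to pass the output of the
     * encoder configured for this class, computed with getSalt() - confirm
     * in the registration code, which is not shown here.
     *
     * @param string $password
     * @return User
     */
    public function setPassword($password)
    {
        $this->password = $password;

        return $this;
    }

    /**
     * @inheritDoc
     */
    public function getRoles()
    {
        // NOTE(review): the mapped $roles collection is never consulted, so
        // every account is granted ROLE_USER only and no role stored through
        // addRole() takes effect at login - confirm this is intended.
        return array('ROLE_USER');
    }

    /**
     * Add roles
     *
     * @param \Simple\ProfileBundle\Entity\Role $roles
     * @return User
     */
    public function addRole(\Simple\ProfileBundle\Entity\Role $roles)
    {
        $this->roles[] = $roles;

        return $this;
    }

    /**
     * Remove roles
     *
     * @param \Simple\ProfileBundle\Entity\Role $roles
     */
    public function removeRole(\Simple\ProfileBundle\Entity\Role $roles)
    {
        $this->roles->removeElement($roles);
    }

    /**
     * @inheritDoc
     */
    public function eraseCredentials()
    {
        // Nothing to clear: this entity keeps no plaintext credential field.
    }
}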

security.yml:

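# Everything below belongs under the top-level "security" key; with the
# sections left at column 0 the "security" node is empty and the other keys
# are read as unrelated root entries.
security:
    # Encoder applied to the submitted password before it is compared with
    # User::getPassword(). The stored value has to be the output of this same
    # encoder for the same password and salt; a plaintext or differently
    # hashed column value is rejected as "Bad credentials".
    # NOTE(review): sha1 is a fast digest and a weak choice for password
    # storage; prefer a dedicated password-hashing encoder supported by the
    # installed Symfony version.
    encoders:
        Simple\ProfileBundle\Entity\User:
            algorithm: sha1

    # ROLE_ADMIN implies ROLE_USER.
    role_hierarchy:
        ROLE_ADMIN: [ROLE_USER]

    # Users are loaded from Doctrine by the entity's "username" property.
    providers:
        user_db:
            entity: { class: Simple\ProfileBundle\Entity\User, property: username }

    firewalls:
        main:
            # One firewall covering every URL.
            pattern: /.*
            provider: user_db
            form_login:
                login_path: /login
                check_path: /login_check
                remember_me: true
            logout:
                path: /logout
                target: /
            remember_me:
                # NOTE(review): this key protects the remember-me cookie. A
                # literal committed with the config should be replaced by a
                # secret kept out of version control (for example a container
                # parameter).
                key: MiPassphrase
                lifetime: 1800
                path: /.*
                domain: ~
            security: true
            anonymous: true

    # Rules are evaluated top to bottom and the first matching path wins, so
    # the catch-all entry has to stay last.
    access_control:
        - { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: /user, roles: ROLE_USER }
        - { path: /admin, roles: ROLE_ADMIN }
        - { path: /.*, roles: IS_AUTHENTICATED_ANONYMOUSLY }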

SecurityController.php:

<?php

namespace Simple\ProfileBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\Security\Core\SecurityContext;

/**
 * Serves the login form and a template-only helper page.
 */
class SecurityController extends Controller
{
    /**
     * Renders the login form with the last submitted username and the
     * authentication error, if one was recorded.
     *
     * The error is taken from the request attributes when present there and
     * from the session otherwise.
     */
    public function loginAction()
    {
        $request = $this->getRequest();
        $session = $request->getSession();
        $errorKey = SecurityContext::AUTHENTICATION_ERROR;

        // Request attributes take precedence over the session copy.
        $error = $request->attributes->has($errorKey)
            ? $request->attributes->get($errorKey)
            : $session->get($errorKey);

        $viewData = array(
            // username typed on the previous attempt
            'last_username' => $session->get(SecurityContext::LAST_USERNAME),
            'error'         => $error,
        );

        return $this->render('SimpleProfileBundle:Security:login.html.twig', $viewData);
    }

    /**
     * Renders the dumpString template without passing any variables.
     */
    public function dumpStringAction()
    {
        $noVariables = array();

        return $this->render('SimpleProfileBundle:Security:dumpString.html.twig', $noVariables);
    }
}

Registration.php

<?php
// src/Simple\ProfileBundle/Form/Model/Registration.php
namespace Simple\ProfileBundle\Form\Model;

use Symfony\Component\Validator\Constraints as Assert;

use Simple\ProfileBundle\Entity\User;

/**
 * Form model for registration: the User being created plus the
 * terms-accepted flag.
 */
class Registration
{
    /**
     * Account under registration; validated as a User and cascaded into.
     *
     * @Assert\Type(type="Simple\ProfileBundle\Entity\User")
     * @Assert\Valid()
     */
    protected $user;

    /**
     * Whether the terms were accepted; must be present and true.
     *
     * @Assert\NotBlank()
     * @Assert\True()
     */
    protected $termsAccepted;

    /**
     * Returns the user attached to this registration.
     */
    public function getUser()
    {
        return $this->user;
    }

    /**
     * Attaches the user being registered.
     */
    public function setUser(User $user)
    {
        $this->user = $user;
    }

    /**
     * Returns the stored terms flag.
     */
    public function getTermsAccepted()
    {
        return $this->termsAccepted;
    }

    /**
     * Stores the terms flag, coerced to a boolean.
     */
    public function setTermsAccepted($termsAccepted)
    {
        $accepted = (bool) $termsAccepted;
        $this->termsAccepted = $accepted;
    }
}

I hope someone can help me out on this? Cheers

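Well, your security.yml specifies sha1 encoding, but you stated your passwords are in plaintext. That would likely be the issue: with an encoder configured, the submitted password is encoded before it is compared with the stored value, so a plaintext value in the database never matches.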

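It looks like, to use plaintext encoding, you'd just remove the encoders block from your configuration (check this against your Symfony version; an explicit `algorithm: plaintext` encoder entry may be needed instead).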

I'm going to strongly discourage you from using plaintext encoding: anyone who can read the database can then read every user's password. In fact, security and hashing are hard. Don't do it yourself. Use FOSUserBundle: https://github.com/FriendsOfSymfony/FOSUserBundle
