在过去的几天里,我一直在努力使用Symfony/Doctrine登录数据库用户,现在我很困(顺便说一句,我是Symfony的新手)。我使用in_memory提供程序(首先)登录,但现在我想使用数据库用户登录,我只是不知道出了什么问题。
我一遍又一遍地查看文件,我想我把一切都做好了。当我尝试登录时,它只会显示"无效凭据"。我不得不觉得这与安全有关。yml但我已经尽力了。下面是我的代码;
security.yml;
security:
providers:
provider_users:
entity:
class: AppBundle:User
property: username
encoders:
AppBundle'Entity'User:
algorithm: bcrypt
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
main:
pattern: ^/
anonymous: ~
provider: provider_users
form_login:
login_path: login
check_path: login
access_control:
- { path: ^/admin, roles: ROLE_ADMIN }
User.php;
<?php
// src/AppBundle/Entity/User.php
namespace AppBundle'Entity;
use Symfony'Component'Security'Core'User'UserInterface;
use Doctrine'ORM'Mapping as ORM;
/**
* AppBundle'Entity'User
*
* @ORM'Table(name="users")
* @ORM'Entity(repositoryClass="AppBundle'Entity'UserRepository")
*/
class User implements UserInterface, 'Serializable
{
/**
* @ORM'Column(name="id", type="integer")
* @ORM'Id()
* @ORM'GeneratedValue(strategy="AUTO")
*/
private $id;
/**
* @ORM'Column(name="username", type="string", length=25, unique=true)
*/
private $username;
/**
* @ORM'Column(name="salt", type="string", length=40)
*/
private $salt;
/**
* @ORM'Column(name="password", type="string", length=40)
*/
private $password;
/**
* @ORM'Column(name="email", type="string", length=60, unique=true)
*/
private $email;
/**
* @ORM'Column(name="roles", type="string")
*/
private $roles;
/**
* @ORM'Column(name="is_active", type="boolean")
*/
private $isActive;
public function __construct()
{
$this->isActive = true;
$this->salt = base_convert(sha1(uniqid(mt_rand(), true)), 16, 36);
}
public function eraseCredentials()
{
//
}
/** @see 'Serializable::serialize() */
public function serialize()
{
return serialize(array(
$this->id,
$this->username,
$this->password,
));
}
/** @see 'Serializable::unserialize() */
public function unserialize($serialized)
{
list (
$this->id,
$this->username,
$this->password,
) = unserialize($serialized);
}
/**
* Get id
*
* @return integer
*/
public function getId()
{
return $this->id;
}
/**
* Set username
*
* @param string $username
*
* @return User
*/
public function setUsername($username)
{
$this->username = $username;
return $this;
}
/**
* Get username
*
* @return string
*/
public function getUsername()
{
return $this->username;
}
/**
* Set salt
*
* @param string $salt
*
* @return User
*/
public function setSalt($salt)
{
$this->salt = $salt;
return $this;
}
/**
* Get salt
*
* @return string
*/
public function getSalt()
{
return $this->salt;
}
/**
* Set password
*
* @param string $password
*
* @return User
*/
public function setPassword($password)
{
$this->password = $password;
return $this;
}
/**
* Get password
*
* @return string
*/
public function getPassword()
{
return $this->password;
}
/**
* Set email
*
* @param string $email
*
* @return User
*/
public function setEmail($email)
{
$this->email = $email;
return $this;
}
/**
* Get email
*
* @return string
*/
public function getEmail()
{
return $this->email;
}
/**
* Set roles
*
* @param string $roles
*
* @return User
*/
public function setRoles($roles)
{
$this->roles = json_encode($roles);
return $this;
}
/**
* Get roles
*
* @return string[]
*/
public function getRoles()
{
return json_decode($this->roles);
}
/**
* Set isActive
*
* @param boolean $isActive
*
* @return User
*/
public function setIsActive($isActive)
{
$this->isActive = $isActive;
return $this;
}
/**
* Get isActive
*
* @return boolean
*/
public function getIsActive()
{
return $this->isActive;
}
}
我还测试了是否可以使用getRepository()->findAll()"手动"获取用户,这看起来不错;
array (size=1)
0 =>
object(AppBundle'Entity'User)[323]
private 'id' => int 20
private 'username' => string 'user' (length=4)
private 'salt' => string 'mqshzqa9syok0kw8ss4cscc84k4k804' (length=31)
private 'password' => string 'user1' (length=5)
private 'email' => string 'user@localhost.com' (length=18)
private 'roles' => string '' (length=0)
private 'isActive' => boolean true
success!
有什么建议吗?提前感谢!
您需要使用bcrypt加密密码。添加安全性之前,用户可能在数据库中。尝试在php中添加另一个具有加密密码的用户,例如:string crypt(string$str[,string$salt])
在密码字段"用户:"中插入的字符串user->setPassword("您的加密字符串")