大家好,我一直在尝试建立一个登录系统,但在多次不同的尝试中,我仍然收到错误的凭据消息。我怀疑这与我的编码不匹配有关,我已经解开了密码,所以它们存储在数据库中,就像用户键入它一样,我仍然收到这个消息。
User.php:
<?php
namespace Simple'ProfileBundle'Entity;
use Symfony'Component'Security'Core'User'UserInterface;
use Doctrine'ORM'Mapping as ORM;
/**
* @ORM'Entity
* @ORM'Table(name="users")
*/
class User implements UserInterface
{
/**
* @ORM'Id
* @ORM'Column(type="integer")
* @ORM'GeneratedValue(strategy="AUTO")
*/
protected $id;
/**
* @ORM'Column(name="user", type="string", length=255)
*/
protected $username;
/**
* @ORM'Column(name="password", type="string", length=255)
*/
protected $password;
/**
* @ORM'Column(name="salt", type="string", length=255)
*/
protected $salt;
/**
* @ORM'ManyToMany(targetEntity="Role")
* @ORM'JoinTable(name="user_role",
* joinColumns={@ORM'JoinColumn(name="user_id", referencedColumnName="id")},
* inverseJoinColumns={@ORM'JoinColumn(name="role_id", referencedColumnName="id")}
* )
*/
protected $roles;
/**
* @inheritDoc
*/
public function getUsername()
{
return $this->username;
}
/**
* @inheritDoc
*/
public function getSalt()
{
return $this->salt;
}
/**
* @inheritDoc
*/
public function getPassword()
{
return $this->password;
}
/**
* @inheritDoc
*/
public function getRoles()
{
return array('ROLE_USER');
}
/**
* @inheritDoc
*/
public function eraseCredentials()
{
}
/**
* Constructor
*/
public function __construct()
{
$this->roles = new 'Doctrine'Common'Collections'ArrayCollection();
$this->salt = sha1(uniqid(null, true));
}
/**
* Get id
*
* @return integer
*/
public function getId()
{
return $this->id;
}
/**
* Set user
*
* @param string $user
* @return User
*/
public function setUser($user)
{
$this->user = $user;
return $this;
}
/**
* Get user
*
* @return string
*/
public function getUser()
{
return $this->user;
}
/**
* Set password
*
* @param string $password
* @return User
*/
public function setPassword($password)
{
$this->password = $password;
return $this;
}
/**
* Set salt
*
* @param string $salt
* @return User
*/
public function setSalt($salt)
{
$this->salt = $salt;
return $this;
}
/**
* Add roles
*
* @param 'Simple'ProfileBundle'Entity'Role $roles
* @return User
*/
public function addRole('Simple'ProfileBundle'Entity'Role $roles)
{
$this->roles[] = $roles;
return $this;
}
/**
* Remove roles
*
* @param 'Simple'ProfileBundle'Entity'Role $roles
*/
public function removeRole('Simple'ProfileBundle'Entity'Role $roles)
{
$this->roles->removeElement($roles);
}
/**
* Set username
*
* @param string $username
* @return User
*/
public function setUsername($username)
{
$this->username = $username;
return $this;
}
}
security.yml:
security:
encoders:
Simple'ProfileBundle'Entity'User:
algorithm: sha1
role_hierarchy:
ROLE_ADMIN: [ROLE_USER]
providers:
user_db:
entity: { class: Simple'ProfileBundle'Entity'User, property: username }
firewalls:
main:
pattern: /.*
provider: user_db
form_login:
login_path: /login
check_path: /login_check
remember_me: true
logout:
path: /logout
target: /
remember_me:
key: MiPassphrase
lifetime: 1800
path: /.*
domain: ~
security: true
anonymous: true
access_control:
- { path: /login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: /user, roles: ROLE_USER }
- { path: /admin, roles: ROLE_ADMIN }
- { path: /.*, roles: IS_AUTHENTICATED_ANONYMOUSLY }
SecurityController.php:
<?php
namespace Simple'ProfileBundle'Controller;
use Symfony'Bundle'FrameworkBundle'Controller'Controller;
use Symfony'Component'Security'Core'SecurityContext;
class SecurityController extends Controller
{
public function loginAction()
{
$request = $this->getRequest();
$session = $request->getSession();
// get the login error if there is one
if ($request->attributes->has(SecurityContext::AUTHENTICATION_ERROR)) {
$error = $request->attributes->get(SecurityContext::AUTHENTICATION_ERROR);
} else {
$error = $session->get(SecurityContext::AUTHENTICATION_ERROR);
}
return $this->render('SimpleProfileBundle:Security:login.html.twig', array(
// last username entered by the user
'last_username' => $session->get(SecurityContext::LAST_USERNAME),
'error' => $error,
));
}
public function dumpStringAction()
{
return $this->render('SimpleProfileBundle:Security:dumpString.html.twig', array());
}
}
注册.php
<?php
// src/Simple'ProfileBundle/Form/Model/Registration.php
namespace Simple'ProfileBundle'Form'Model;
use Symfony'Component'Validator'Constraints as Assert;
use Simple'ProfileBundle'Entity'User;
class Registration
{
/**
* @Assert'Type(type="Simple'ProfileBundle'Entity'User")
* @Assert'Valid()
*/
protected $user;
/**
* @Assert'NotBlank()
* @Assert'True()
*/
protected $termsAccepted;
public function setUser(User $user)
{
$this->user = $user;
}
public function getUser()
{
return $this->user;
}
public function getTermsAccepted()
{
return $this->termsAccepted;
}
public function setTermsAccepted($termsAccepted)
{
$this->termsAccepted = (Boolean) $termsAccepted;
}
}
我希望有人能帮我?干杯
好吧,您的security.yml指定了sha1编码,但您声明您的密码是明文的。这可能就是问题所在。
看起来要使用明文编码,只需从配置中删除编码块即可。
我强烈建议您不要使用纯文本编码。事实上,安全性和哈希很难。不要自己做。使用FOSUserBundle:https://github.com/FriendsOfSymfony/FOSUserBundle