我正在使用guard作为我的symfony 4 flex应用程序的身份验证层。
每当我输入用户名和密码时,它都会自动将我重定向到登录页面,没有错误只是重定向我。在我的日志中,它显示我无法登录,但表单没有显示任何内容。
在使用他们的全栈方面,我是symfony的新手,从silex切换到symfony。我一直在查看有关symfony和教程的文档,但没有任何效果。
安全.yml
security:
access_control:
- { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/admin, roles: ['ROLE_ADMIN', 'ROLE_SUPERUSER'] }
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
encoders:
AppEntitiesUser:
algorithm: bcrypt
cost: 15
providers:
admin:
id: AppSecurityUserProvidersAdminUserServiceProvider
firewalls:
admin:
anonymous: ~
provider: admin
pattern: ^/admin/
logout:
path: /admin/logout
target: /admin/login
invalidate_session: true
guard:
authenticators:
- AppSecurityAuthenticatorsAdminAuthenticator
main:
anonymous: ~
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
form_login: ~
安全控制器.php
class AuthController extends Controller
{
/**
* @Route("/admin/login", name="adm_login")
* @param Request $request
* @return Response
*/
public function adminLoginAction(Request $request) : Response
{
$utils = $this->get('security.authentication_utils');
return $this->render('Auth/adminLogin.twig', [
'PageTitle' => 'Login',
'error' => $utils->getLastAuthenticationError()
]);
}
/**
* @Route("/admin/authenticate", name="security_login_check")
*/
public function loginCheckAction()
{
}
/**
* @Route("/admin/logout", name="logout")
*/
public function logoutAction()
{
}
}
adminLogin.twig
{% extends 'Shared/admin-login.twig' %}
{% block headJavascript %}
<script type="application/javascript" src="{{ absolute_url('/assets/dependencies/jquery-validation/js/jquery.validate.min.js') }}"></script>
{% endblock %}
{% block loginForm %}
<div class="login-box">
<div class="login-logo">
Admin Login
</div>
<div class="login-box-body">
{% if error %}
<div class="alert alert-danger" role="alert">
<span class="fa fa-exclamation-circle"></span> {{ error.messageKey }}
</div>
{% endif %}
<p class="login-box-msg">Sign in to start your session</p>
<form role="form" id="frmLogin" action="{{ path('security_login_check') }}" method="post">
<div class="form-group has-feedback">
<label for="eml" class="sr-only">Email Address</label>
<input type="email" id="eml" name="_username" class="form-control" placeholder="Email Address">
<span class="fa fa-envelope form-control-feedback"></span>
</div>
<div class="form-group has-feedback">
<label for="pwd" class="sr-only">Password</label>
<input type="password" id="pwd" name="_password" class="form-control" placeholder="Password">
<span class="fa fa-lock form-control-feedback"></span>
</div>
<div class="row">
<div class="col-xs-8">
</div>
<div class="col-xs-4">
<input type="hidden" name="_csrf_token" value="{{ csrf_token('frmLogin') }}">
<button type="submit" class="btn btn-primary btn-block btn-flat">
<span class="fa fa-sign-in"></span> Sign In
</button>
</div>
</div>
</form>
<a href="{{ path('AccountRecovery') }}">I forgot my password</a><br>
</div>
</div>
{% endblock %}
{% block bottomJavascript %}
<script type="application/javascript" src="{{ absolute_url('/assets/dependencies/jquery-validation/js/jquery.validate.min.js') }}"></script>
<script type="application/javascript" src="{{ absolute_url('/assets/js/lib/auth/admin-login.js') }}"></script>
{% endblock %}
管理员身份验证器.php
class AdminAuthenticator extends AbstractFormLoginAuthenticator
{
private $encoderFactory;
private $csrfTokenManager;
private $userService;
private $failMessage = 'Invalid credentials';
private $loginUrl = '/admin/login';
private $successUrl = '/admin/';
public function __construct(UserService $userService, EncoderFactoryInterface $encoderFactory, CsrfTokenManagerInterface $csrfTokenManager)
{
$this->userService = $userService;
$this->encoderFactory = $encoderFactory;
$this->csrfTokenManager = $csrfTokenManager;
}
public function getCredentials(Request $request)
{
if ($request->getPathInfo() !== '/admin/authenticate'|| !$request->isMethod('POST'))
{
return null;
}
$csrfToken = $request->request->filter('_csrf_token', null, FILTER_SANITIZE_STRING);
if (false === $this->csrfTokenManager->isTokenValid(new CsrfToken('authenticate', $csrfToken))) {
throw new InvalidCsrfTokenException('Invalid session token.');
}
return [
'username' => $request->request->filter('_username', null, FILTER_SANITIZE_STRING),
'password' => $request->request->filter('_password', null, FILTER_SANITIZE_STRING),
];
}
public function getUser($credentials, UserProviderInterface $userProvider) : ?UserInterface
{
try
{
if (!$userProvider instanceof AdminUserServiceProvider)
{
throw new CustomUserMessageAuthenticationException('Invalid Provider');
}
return $userProvider->loadUserByUsername($credentials['username']);
}
catch (UsernameNotFoundException $e)
{
throw new CustomUserMessageAuthenticationException($e->getMessage());
}
}
public function checkCredentials($credentials, UserInterface $user) : bool
{
$encoder = $this->encoderFactory->getEncoder($user);
if ($encoder->isPasswordValid($user->getPassword(), $credentials['password'], $user->getSalt()))
{
return true;
}
throw new CustomUserMessageAuthenticationException($this->failMessage);
}
public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey) : ?Response
{
return new RedirectResponse($this->successUrl);
}
public function supportsRememberMe() : bool
{
return false;
}
protected function getLoginUrl() : string
{
return $this->loginUrl;
}
public function supports(Request $request) : ?bool
{
return $request->headers->has('_username') && $request->headers->has('_password');
}
}
错误日志:
[2018-05-15 23:04:38] request.INFO: Matched route "security_login_check". {"route":"security_login_check","route_parameters":{"_controller":"App\Controller\AuthController::loginCheckAction","_route":"security_login_check"},"request_uri":"http://dev.local.com/admin/authenticate","method":"POST"} []
[2018-05-15 23:04:38] security.DEBUG: Checking for guard authentication credentials. {"firewall_key":"admin","authenticators":1} []
[2018-05-15 23:04:38] security.DEBUG: Calling getCredentials() on guard configurator. {"firewall_key":"admin","authenticator":"App\Security\Authenticators\AdminAuthenticator"} []
[2018-05-15 23:04:38] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
[2018-05-15 23:04:38] security.DEBUG: Access denied, the user is not fully authenticated; redirecting to authentication entry point. {"exception":"[object] (Symfony\Component\Security\Core\Exception\AccessDeniedException(code: 403): Access Denied. at /var/www/Websites/dev.local.com/vendor/symfony/security/Http/Firewall/AccessListener.php:68)"} []
[2018-05-15 23:04:38] security.DEBUG: Calling Authentication entry point. [] []
[2018-05-15 23:04:38] request.INFO: Matched route "adm_login". {"route":"adm_login","route_parameters":{"_controller":"App\Controller\AuthController::adminLoginAction","_route":"adm_login"},"request_uri":"http://dev.local.com/site-admin/login","method":"GET"} []
[2018-05-15 23:04:38] security.DEBUG: Checking for guard authentication credentials. {"firewall_key":"admin","authenticators":1} []
[2018-05-15 23:04:38] security.DEBUG: Calling getCredentials() on guard configurator. {"firewall_key":"admin","authenticator":"App\Security\Authenticators\AdminAuthenticator"} []
[2018-05-15 23:04:38] security.INFO: Populated the TokenStorage with an anonymous Token. [] []
你在这里犯了一些错误
- 请求 url 和方法的检查应该在
supports方法中。 - 您正在
supports方法中查找标头而不是请求变量。
将其替换为以下内容。
public function supports(Request $request) : ?bool
{
return $request->request->has('_username') && $request->request->has('_password');
}