我是 symfony2 和学说的新手。我正在尝试基于文档和一些教程的身份验证系统。我不知道为什么我觉得它那么难。

这是我根据 2 个单独的教程所做的。

我的 用户 实体:

<?php
// src/Acme/UserBundle/Entity/User.php
namespace Login\LoginBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * Login\LoginBundle\Entity\User
 *
 * @ORM\Table(name="tb_user")
 * @ORM\Entity(repositoryClass="Login\LoginBundle\Entity\UserRepository")
 */
class User implements UserInterface, \Serializable
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true)
     */
    private $username;

    /**
     * @ORM\Column(type="string", length=32)
     */
    private $salt;

    /**
     * @ORM\Column(type="string", length=64)
     */
    private $password;

    /**
     * @ORM\Column(type="string", length=60, unique=true)
     */
    private $email;

    /**
     * @ORM\Column(name="is_active", type="boolean")
     */
    private $isActive;

    public function __construct()
    {
        $this->isActive = true;
        $this->salt = md5(uniqid(null, true));
    }

    /**
     * @inheritDoc
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * @inheritDoc
     */
    public function getSalt()
    {
        return $this->salt;
    }

    /**
     * @inheritDoc
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * @inheritDoc
     */
    public function getRoles()
    {
        return array('ROLE_USER');
    }

    /**
     * @inheritDoc
     */
    public function eraseCredentials()
    {
    }

    /**
     * @see \Serializable::serialize()
     */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->username,
            $this->salt,
            $this->password,
        ));
    }

    /**
     * @see \Serializable::unserialize()
     */
    public function unserialize($serialized)
    {
        list (
            $this->id,
            $this->username,
            $this->salt,
            $this->password,
        ) = unserialize($serialized);
    }

    /**
     * Get id
     *
     * @return integer
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Set username
     *
     * @param string $username
     * @return User
     */
    public function setUsername($username)
    {
        $this->username = $username;

        return $this;
    }

    /**
     * Set salt
     *
     * @param string $salt
     * @return User
     */
    public function setSalt($salt)
    {
        $this->salt = $salt;

        return $this;
    }

    /**
     * Set password
     *
     * @param string $password
     * @return User
     */
    public function setPassword($password)
    {
        $this->password = $password;

        return $this;
    }

    /**
     * Set email
     *
     * @param string $email
     * @return User
     */
    public function setEmail($email)
    {
        $this->email = $email;

        return $this;
    }

    /**
     * Get email
     *
     * @return string
     */
    public function getEmail()
    {
        return $this->email;
    }

    /**
     * Set isActive
     *
     * @param boolean $isActive
     * @return User
     */
    public function setIsActive($isActive)
    {
        $this->isActive = $isActive;

        return $this;
    }

    /**
     * Get isActive
     *
     * @return boolean
     */
    public function getIsActive()
    {
        return $this->isActive;
    }
}

# app/config/security.yml
security:
    encoders:
        Login\LoginBundle\Entity\User:
            algorithm:        sha512
            encode_as_base64: true
            iterations:       1

    role_hierarchy:
        ROLE_ADMIN:       ROLE_USER
        ROLE_SUPER_ADMIN: [ ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]

    providers:
        administrators:
            entity: { class: LoginLoginBundle:User, property: username }

    firewalls:
        admin_area:
            pattern: ^/
            anonymous: ~
            form_login:
                login_path: login
                check_path: login_check
            logout:
                path:   /logout
                target: /login

    access_control:
        - { path: ^/admin, roles: ROLE_ADMIN }

<?php

namespace Login\LoginBundle\Controller;

use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Login\LoginBundle\Entity\User;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;

class DefaultController extends Controller
{
    public function indexAction($name)
    {
    $user = new User();
          $user->setUsername('aa');
          $user->setEmail('[email protected]');
          $user->setSalt(md5(time()));
          $user->setIsActive(false);

          $encoder = new MessageDigestPasswordEncoder('sha512',true,1);
          $password = $encoder->encodePassword('1234', $user->getSalt());
          $user->setPassword($password);
          $manager = $this->getDoctrine()->getManager();
          $manager->persist($user);

          $manager->flush();

        return $this->render('LoginLoginBundle:Default:index.html.twig', array('name' => $name));
    }
}

1
d033e22ae348aeb5660fc2140aec35850c4da997
admin
[email protected]
1

您正在使用生成 128 个字符的哈希的 Sha512。您的密码数据库存储空间为 40 个字符。

尝试生成少于 40 个字符的哈希的 Sha1 或其他哈希算法。或者增加该字段的存储大小。