我是 symfony2 和学说的新手。我正在尝试基于文档和一些教程的身份验证系统。我不知道为什么我觉得它那么难。
这是我根据 2 个单独的教程所做的。
我的 用户 实体:
<?php
// src/Acme/UserBundle/Entity/User.php
namespace Login\LoginBundle\Entity;
use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;
/**
* Login\LoginBundle\Entity\User
*
* @ORM\Table(name="tb_user")
* @ORM\Entity(repositoryClass="Login\LoginBundle\Entity\UserRepository")
*/
class User implements UserInterface, \Serializable
{
/**
* @ORM\Column(type="integer")
* @ORM\Id
* @ORM\GeneratedValue(strategy="AUTO")
*/
private $id;
/**
* @ORM\Column(type="string", length=25, unique=true)
*/
private $username;
/**
* @ORM\Column(type="string", length=32)
*/
private $salt;
/**
* @ORM\Column(type="string", length=64)
*/
private $password;
/**
* @ORM\Column(type="string", length=60, unique=true)
*/
private $email;
/**
* @ORM\Column(name="is_active", type="boolean")
*/
private $isActive;
public function __construct()
{
$this->isActive = true;
$this->salt = md5(uniqid(null, true));
}
/**
* @inheritDoc
*/
public function getUsername()
{
return $this->username;
}
/**
* @inheritDoc
*/
public function getSalt()
{
return $this->salt;
}
/**
* @inheritDoc
*/
public function getPassword()
{
return $this->password;
}
/**
* @inheritDoc
*/
public function getRoles()
{
return array('ROLE_USER');
}
/**
* @inheritDoc
*/
public function eraseCredentials()
{
}
/**
* @see \Serializable::serialize()
*/
public function serialize()
{
return serialize(array(
$this->id,
$this->username,
$this->salt,
$this->password,
));
}
/**
* @see \Serializable::unserialize()
*/
public function unserialize($serialized)
{
list (
$this->id,
$this->username,
$this->salt,
$this->password,
) = unserialize($serialized);
}
/**
* Get id
*
* @return integer
*/
public function getId()
{
return $this->id;
}
/**
* Set username
*
* @param string $username
* @return User
*/
public function setUsername($username)
{
$this->username = $username;
return $this;
}
/**
* Set salt
*
* @param string $salt
* @return User
*/
public function setSalt($salt)
{
$this->salt = $salt;
return $this;
}
/**
* Set password
*
* @param string $password
* @return User
*/
public function setPassword($password)
{
$this->password = $password;
return $this;
}
/**
* Set email
*
* @param string $email
* @return User
*/
public function setEmail($email)
{
$this->email = $email;
return $this;
}
/**
* Get email
*
* @return string
*/
public function getEmail()
{
return $this->email;
}
/**
* Set isActive
*
* @param boolean $isActive
* @return User
*/
public function setIsActive($isActive)
{
$this->isActive = $isActive;
return $this;
}
/**
* Get isActive
*
* @return boolean
*/
public function getIsActive()
{
return $this->isActive;
}
}
我的 security.yml
# app/config/security.yml
security:
encoders:
Login\LoginBundle\Entity\User:
algorithm: sha512
encode_as_base64: true
iterations: 1
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ]
providers:
administrators:
entity: { class: LoginLoginBundle:User, property: username }
firewalls:
admin_area:
pattern: ^/
anonymous: ~
form_login:
login_path: login
check_path: login_check
logout:
path: /logout
target: /login
access_control:
- { path: ^/admin, roles: ROLE_ADMIN }
我的 Controller
<?php
namespace Login\LoginBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Login\LoginBundle\Entity\User;
use Symfony\Component\Security\Core\Encoder\MessageDigestPasswordEncoder;
class DefaultController extends Controller
{
public function indexAction($name)
{
$user = new User();
$user->setUsername('aa');
$user->setEmail('[email protected]');
$user->setSalt(md5(time()));
$user->setIsActive(false);
$encoder = new MessageDigestPasswordEncoder('sha512',true,1);
$password = $encoder->encodePassword('1234', $user->getSalt());
$user->setPassword($password);
$manager = $this->getDoctrine()->getManager();
$manager->persist($user);
$manager->flush();
return $this->render('LoginLoginBundle:Default:index.html.twig', array('name' => $name));
}
}
所以想法是在调用
/hello/me
时插入用户。并在调用 admin/hello/me
时执行登录。现在第一次迭代后,我的数据库包含这些数据1
d033e22ae348aeb5660fc2140aec35850c4da997
admin
[email protected]
1
但是当我在登录表单中提供
aa
和 1234
作为凭据时,它显示 *bad credentials 。我缺少什么?* 是否有任何简单的教程可以以简单的方式使用 symfony2 描述整个身份验证。还有普通密码。请帮助......请:( 最佳答案
您正在使用生成 128 个字符的哈希的 Sha512。您的密码数据库存储空间为 40 个字符。
尝试生成少于 40 个字符的哈希的 Sha1 或其他哈希算法。或者增加该字段的存储大小。
关于php - 身份验证/登录中的错误凭据 - Symfony2,我们在Stack Overflow上找到一个类似的问题:https://stackoverflow.com/questions/20902172/