2015-03-13 347 views
3

我知道這是常見的事情,但我無法找到我正在做的錯誤,我越來越瘋狂。Symfony2登錄身份驗證

我不能登錄表單登錄,當我提交表單,它返回到自身沒有錯誤,而不是認證。

在此先感謝!

這裏是我的security.yml

security: 
    encoders: 
     Symfony\Component\Security\Core\User\User: plaintext 
     #Cityincheck\AppBundle\Entity\User: 
      #algorithm: bcrypt 
      #cost: 12 

role_hierarchy: 
    ROLE_ADMIN:  ROLE_USER 

providers: 
    in_memory: 
     memory: 
      users: 
       ryan: 
        password: ryanpass 
        roles: 'ROLE_USER' 
       admin: 
        password: kitten 
        roles: 'ROLE_ADMIN' 

firewalls: 
    dev: 
     pattern: ^/(_(profiler|wdt)|css|images|js)/ 
     security: false 

    login_firewall: 
     pattern: ^/login$ 
     anonymous: ~ 
    admin_area: 
     pattern: ^/* 
     form_login: 
      check_path: /login_check 
      login_path: /login 
      provider: in_memory 
      default_target_path: /admin 
     logout: 
      path: admin_logout 
      target: admin_login 
     #anonymous: ~ 
     #http_basic: 
     # realm: "Secured Demo Area" 

access_control: 
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } 
    - { path: ^/admin, roles: ROLE_ADMIN } 

我的routing.yml

admin_login: 
    path: /login 
    defaults: { _controller: AppBundle:AccessControl:login } 

admin_login_check: 
    path: /login_check 

而且我的控制器:

class AccessControlController extends Controller 
{ 

public function loginAction(Request $request) 
{ 
    $session = $request->getSession(); 

    // get the login error if there is one 
    if ($request->attributes->has(SecurityContextInterface::AUTHENTICATION_ERROR)) { 
     $error = $request->attributes->get(
      SecurityContextInterface::AUTHENTICATION_ERROR 
     ); 
    } elseif (null !== $session && $session->has(SecurityContextInterface::AUTHENTICATION_ERROR)) { 
     $error = $session->get(SecurityContextInterface::AUTHENTICATION_ERROR); 
     $session->remove(SecurityContextInterface::AUTHENTICATION_ERROR); 
    } else { 
     $error = null; 
    } 

    // last username entered by the user 
    $lastUsername = (null === $session) ? '' : $session->get(SecurityContextInterface::LAST_USERNAME); 

    return $this->render(
     'AppBundle::login.html.twig', 
     array(
      // last username entered by the user 
      'last_username' => $lastUsername, 
      'error'   => $error, 
     ) 
    ); 
} 
} 
+0

你已經安裝了FOSUserBundle?這是我用於登錄/身份驗證。它幾乎爲你做。 – 2015-11-04 12:16:42

回答

0

的問題是在你的security.yml。當有人發送表單時,瀏覽器向/ login_check發送HTTP請求以檢查登錄名和密碼。但是,由於用戶未通過身份驗證,因此應用不允許這樣做。 您必須添加 '/ login_check' 到ACCESS_CONTROL

access_control: 
    - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY } 
    - { path: ^/login_check, roles: IS_AUTHENTICATED_ANONYMOUSLY } 
    - { path: ^/admin, roles: ROLE_ADMIN } 

或者說

access_control: 
    - { path: ^/login$, roles: IS_AUTHENTICATED_ANONYMOUSLY } 
    - { path: ^/admin, roles: ROLE_ADMIN }