Php 具有Symfony安全性的简单登录表单
我尝试使用本教程创建登录表单: 现在,我的security.yml文件如下所示:Php 具有Symfony安全性的简单登录表单,php,symfony,Php,Symfony,我尝试使用本教程创建登录表单: 现在,我的security.yml文件如下所示: security: providers: in_memory: memory: users: ryan: password: ryanpass roles: 'ROLE_USER'
security:
providers:
in_memory:
memory:
users:
ryan:
password: ryanpass
roles: 'ROLE_USER'
admin:
password: kitten
roles: 'ROLE_ADMIN'
encoders:
Symfony\Component\Security\Core\User\User: plaintext
firewalls:
login_firewall:
pattern: ^/login$
anonymous: ~
secured_area:
pattern: ^/
anonymous: ~
form_login:
login_path: login
check_path: login
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
access_control:
- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
- { path: ^/, roles: ROLE_USER }
保安主任:
class SecurityController extends Controller
{
/**
* @Route("/login", name="login")
*/
public function loginAction(Request $request)
{
$authenticationUtils = $this->get('security.authentication_utils');
// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
// last username entered by the user
$lastUsername = $authenticationUtils->getLastUsername();
return $this->render(
'AppBundle:Security:login.html.twig',
array(
// last username entered by the user
'last_username' => $lastUsername,
'error' => $error,
)
);
}
}
/**
* @Route("/login_check", name="login_check")
*/
public function loginAction()
{
// The security layer will intercept this request, else redirect to login page
$this->addFlash('warning', $this->get('translator')->trans('login_expired'));
return $this->redirect($this->generateUrl('login'));
}
/**
* @Route("/logout", name="logout")
*/
public function logoutAction()
{
// The security layer will intercept this request, else redirect to login page
$this->addFlash('warning', $this->get('translator')->trans('login_expired'));
return $this->redirect($this->generateUrl('login'));
}
所以基本上,它不能正常工作。发送登录表单后,什么都没有发生,我不知道为什么。我认为安全配置是错误的。谁能帮帮我吗?我不知道出了什么问题。将
检查路径
更改为其他路径,如登录检查
,并将登录检查
和注销
操作添加到控制器:
class SecurityController extends Controller
{
/**
* @Route("/login", name="login")
*/
public function loginAction(Request $request)
{
$authenticationUtils = $this->get('security.authentication_utils');
// get the login error if there is one
$error = $authenticationUtils->getLastAuthenticationError();
// last username entered by the user
$lastUsername = $authenticationUtils->getLastUsername();
return $this->render(
'AppBundle:Security:login.html.twig',
array(
// last username entered by the user
'last_username' => $lastUsername,
'error' => $error,
)
);
}
}
/**
* @Route("/login_check", name="login_check")
*/
public function loginAction()
{
// The security layer will intercept this request, else redirect to login page
$this->addFlash('warning', $this->get('translator')->trans('login_expired'));
return $this->redirect($this->generateUrl('login'));
}
/**
* @Route("/logout", name="logout")
*/
public function logoutAction()
{
// The security layer will intercept this request, else redirect to login page
$this->addFlash('warning', $this->get('translator')->trans('login_expired'));
return $this->redirect($this->generateUrl('login'));
}
另外,请确保登录表单向登录检查发送帖子
:
<form id="loginForm" action="{{ path('login_check') }}" method="post">
谢谢你,但没用。似乎安全捆绑包无法处理POST请求。您确定表单将POST发送到检查路径
?除此之外,您的yml
中的间距似乎是错误的。有四个空格吗?我放弃了更改操作属性,但现在我得到了“login\u expired”警告。这意味着安全层不使用login\u check
作为check\u路径,否则请求被拦截。您确定您的配置路径正确吗?确定。我发现了问题所在。“登录防火墙”阻止了POST请求。这解决了我的问题:login\u check\u firewall:pattern:^/login\u check anonymous:~
如果您尝试使用角色\u ADMIN登录,您可能会发现问题。您没有配置角色\u层次结构,在该层次结构中,您可以告诉symfony哪个角色继承其他角色。在访问控制中,您只允许角色用户输入。也许这就是问题所在?此外,您应该在防火墙中提供默认的\u目标\u路径。。。