Php 验证用户是否在symfony2中经过身份验证
我试图在symfony2中创建一个简单的登录应用程序,但我一点也不懂。 我的路由文件:Php 验证用户是否在symfony2中经过身份验证,php,symfony,symfony-forms,symfony-2.1,symfony-2.3,Php,Symfony,Symfony Forms,Symfony 2.1,Symfony 2.3,我试图在symfony2中创建一个简单的登录应用程序,但我一点也不懂。 我的路由文件: shop_show_login_page: path: /login defaults: { _controller: ShopDesktopBundle:User:loginPage } shop_login_user: path: /loginUser defaults: { _controller: ShopDesktopBundle:User:loginCheck } 我的控制器使用以下两种方法:
shop_show_login_page:
path: /login
defaults: { _controller: ShopDesktopBundle:User:loginPage }
shop_login_user:
path: /loginUser
defaults: { _controller: ShopDesktopBundle:User:loginCheck }
我的控制器使用以下两种方法:
public function loginPageAction(){
return $this->render('ShopDesktopBundle:User:loginPage.html.twig');
}
public function loginCheckAction(Request $request){
$request = $this->get('request');
$password = $request->request->get('password');
$login = $request->request->get('username');
$em = $this->getDoctrine()->getEntityManager();
$repository = $em->getRepository('ShopDesktopBundle:Customer');
$user = $repository->findOneBy(array('customer_login'=> $login, 'customer_password'=> $password));
if($user){
return $this->redirect($this->generateUrl('shop_desktop_homepage'));
}else{
return $this->render('ShopDesktopBundle:User:loginPage.html.twig',array('message_failed' => 'Error'));
}
}
我的看法是:
<form action="{{ path('shop_login_user') }}" method="post">
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-user"></i></span>
<input type="text" class="form-control" placeholder="Username" name="username">
</div>
</div>
<div class="form-group">
<div class="input-group">
<span class="input-group-addon"><i class="fa fa-lock"></i></span>
<input type="text" class="form-control" placeholder="Password" name="password">
</div>
</div>
<div class="form-group">
<button type="submit" class="button">Autentificare</button>
</div>
</form>
因此,我想在页面“测试”中查看用户是否已成功进行身份验证,如果身份验证失败,则登录/注册。我尝试过使用“if app.user”,但我不理解其原理。有几种方法可以检查用户是否经过身份验证 一个是您尝试使用的
app.user
,如下所示:
{% if app.user is not empty %}
这将检查您的用户对象是否填充了数据
您也可以使用
-更新-
您在评论中提供的错误可能是由于您试图在不在防火墙后面的情况下使用已被授予
功能。在这种情况下,如果app.security.token不为空,则可以先检查是否有安全令牌,然后再使用调用授予。你会包括你的security.yml文件吗
-更新-
您的安全文件需要正确设置,以便您的身份验证工作。默认行为设置为给您一个起点,但您必须配置防火墙。请仔细阅读Symfony中的章节。提交表单后,调试工具栏是否显示您已登录?我收到错误:在呈现模板期间引发了异常(“令牌存储不包含身份验证令牌。一个可能的原因可能是没有为此URL配置防火墙。“@Gigel,添加了更多的信息。我添加了安全性。yml,我没有更改它们,只是default@Gigel,您还需要配置安全性。我添加了指向您应该阅读的章节的链接。您使用的是哪个版本的Symfony???问题有多个版本标签(2.1和2.3)重复。
security:
# http://symfony.com/doc/current/book/security.html#encoding-the-user-s-password
encoders:
Symfony\Component\Security\Core\User\User: plaintext
# http://symfony.com/doc/current/book/security.html#hierarchical-roles
role_hierarchy:
ROLE_ADMIN: ROLE_USER
ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
# http://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
providers:
in_memory:
memory:
users:
user: { password: userpass, roles: [ 'ROLE_USER' ] }
admin: { password: adminpass, roles: [ 'ROLE_ADMIN' ] }
# the main part of the security, where you can set up firewalls
# for specific sections of your app
firewalls:
# disables authentication for assets and the profiler, adapt it according to your needs
secured_area:
pattern: ^/
form_login:
check_path: shop_login_user
login_path: shop_show_login_page
logout:
path: _demo_logout
target: _demo
#anonymous: ~
#http_basic:
# realm: "Secured Demo Area"
# with these settings you can restrict or allow access for different parts
# of your application based on roles, ip, host or methods
# http://symfony.com/doc/current/cookbook/security/access_control.html
access_control:
#- { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY, requires_channel: https }
{% if app.user is not empty %}
{% if is_granted('IS_AUTHENTICATED_FULLY') %}