I don't know how to create authentication in Symfony 3.2.

I want to load security users from the database. I use MySQL in my project.

My security.yml:

# app/config/security.yml
security:
 encoders:
    Delivery\AdminBundle\Entity\User:
        algorithm: bcrypt

 providers:
    our_db_provider:
        entity:
            class: DeliveryAdminBundle:User
            property: username

 access_control:
    - { path: ^/admin, roles: ROLE_USER }

 firewalls:
    main:
        pattern:    ^/admin
        http_basic: ~
        provider: our_db_provider

User.php:

<?php
namespace Delivery\AdminBundle\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * @ORM\Table(name="app_users")
 * @ORM\Entity(repositoryClass="Delivery\AdminBundle\Repository\UserRepository")
 */
class User implements UserInterface, \Serializable
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true)
     */
    private $username;

    /**
     * @ORM\Column(type="string", length=64)
     */
    private $password;

    /**
     * @ORM\Column(type="string", length=60, unique=true)
     */
    private $email;

    /**
     * @ORM\Column(name="is_active", type="boolean")
     */
    private $isActive;

    public function __construct()
    {
        $this->isActive = true;
        // may not be needed, see section on salt below
        // $this->salt = md5(uniqid(null, true));
    }

    public function getUsername()
    {
        return $this->username;
    }

    public function getSalt()
    {
        // you *may* need a real salt depending on your encoder
        // see section on salt below
        return null;
    }

    public function getPassword()
    {
        return $this->password;
    }

    public function getRoles()
    {
        return array('ROLE_USER');
    }

    public function eraseCredentials()
    {
    }

    /** @see \Serializable::serialize() */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->username,
            $this->password,
            // see section on salt below
            // $this->salt,
        ));
    }

    /** @see \Serializable::unserialize() */
    public function unserialize($serialized)
    {
        list (
            $this->id,
            $this->username,
            $this->password,
            // see section on salt below
            // $this->salt
        ) = unserialize($serialized);
    }

    /**
     * Get id
     *
     * @return integer
     */
    public function getId()
    {
        return $this->id;
    }

    /**
     * Set username
     *
     * @param string $username
     *
     * @return User
     */
    public function setUsername($username)
    {
        $this->username = $username;

        return $this;
    }

    /**
     * Set password
     *
     * @param string $password
     *
     * @return User
     */
    public function setPassword($password)
    {
        if ($password) {
            $this->password = password_hash($password, PASSWORD_DEFAULT);
        }

        return $this;
    }

    /**
     * Set email
     *
     * @param string $email
     *
     * @return User
     */
    public function setEmail($email)
    {
        $this->email = $email;

        return $this;
    }

    /**
     * Get email
     *
     * @return string
     */
    public function getEmail()
    {
        return $this->email;
    }

    /**
     * Set isActive
     *
     * @param boolean $isActive
     *
     * @return User
     */
    public function setIsActive($isActive)
    {
        $this->isActive = $isActive;

        return $this;
    }

    /**
     * Get isActive
     *
     * @return boolean
     */
    public function getIsActive()
    {
        return $this->isActive;
    }
}

The login in the database is admin, password admin ($2a$08$jHZj/wJfcVKlIwr5AvR78euJxYK7Ku5kURNhNx.7.CSIJ3Pq6LEPC)

Help!)

  • DeliveryAdminBundle:User should be Delivery:AdminBundle:User Commented Feb 1, 2017 at 10:41
  • the problem is not solved Commented Feb 1, 2017 at 11:12
  • So is some error returned, or is the user simply not authenticated? And how did you add the user to the db? Commented Feb 1, 2017 at 11:40
  • The user is not authenticated. I added it manually in MySQL. Commented Feb 1, 2017 at 11:48
  • Can you post also code of your UserRepository? Commented Feb 1, 2017 at 13:49

1 Answer

I downloaded your project, reviewed it, and the problem is in a few things:

1) You have defined your own login action in DeliveryAdminBundle -> SecurityController and a login form in the corresponding view, so you have to configure form_login and omit http_basic in the security configuration to make it work.

In your App\Config\security.yml modify your firewalls -> main section to:

    pattern: ^/admin
    provider: our_db_provider
    anonymous: ~
    form_login:
      login_path: _security_login      #login route
      check_path: _security_check      #credentials check route
      failure_path: _security_login    #failed login route
      default_target_path: a_home      #successful login route
    logout:
      path: _security_logout           #logout route
      target: f_home                   #route to redirect after logout

2) Because you have your security configuration under DeliveryAdminBundle, you have to modify App\Config\routing.yml to make login / logout routes work properly.

...
security_conf:
    resource: "@DeliveryAdminBundle/Resources/config/routing/security.yml"
    prefix:   /admin

3) Because after step 2 your login route will point to ../admin/login, you have to make it accessible to non-authenticated users to let them log in. So in your App\Config\security.yml modify the access_control section to:

access_control:
  - { path: ^/admin/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
  - { path: ^/admin, roles: ROLE_USER }

4) Symfony's default names for the login form fields are _username and _password, so modify your AdminBundle\Resources\views\Security\login.html.twig or change the default form field names in security.yml.

Your encoders and providers configuration is perfectly fine as posted above; I was wrong with my first comment. I was confused by the Delivery\AdminBundle namespace, but obviously you have a bundle named DeliveryAdminBundle. It is a bit confusing; I would recommend a different naming strategy, but it's up to you.
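
Step 3 depends on rule order: Symfony applies the first access_control entry whose path regex matches the request. The PHP sketch below is an added example, not part of the original answer or of Symfony itself; it models only path matching (one role string per rule, no host, method or IP matchers), and /admin/login-history and /admin/orders are hypothetical paths.

```php
<?php
// Added example: models first-match evaluation of access_control rules.
// The rule list mirrors step 3 of the answer; the reversed list and the
// sample paths are constructed for illustration.

/** Return the first rule whose path regex matches $path, or null. */
function firstMatchingRule(array $rules, $path)
{
    foreach ($rules as $rule) {
        // Symfony's RequestMatcher wraps the configured path in {} delimiters.
        if (preg_match('{' . $rule['path'] . '}', rawurldecode($path))) {
            return $rule;
        }
    }
    return null;
}

/** True if access_control lets an anonymous visitor load $path. */
function anonymousMayAccess(array $rules, $path)
{
    $rule = firstMatchingRule($rules, $path);
    // No matching rule means access_control imposes no role requirement.
    return $rule === null || $rule['roles'] === 'IS_AUTHENTICATED_ANONYMOUSLY';
}

$answerOrder = array(
    array('path' => '^/admin/login', 'roles' => 'IS_AUTHENTICATED_ANONYMOUSLY'),
    array('path' => '^/admin',       'roles' => 'ROLE_USER'),
);
$reversedOrder = array_reverse($answerOrder); // constructed misconfiguration

$paths = array('/admin/login', '/admin/login-history', '/admin/orders');
$cases = array('answer order' => $answerOrder, 'reversed' => $reversedOrder);

foreach ($cases as $label => $rules) {
    foreach ($paths as $path) {
        $rule = firstMatchingRule($rules, $path);
        printf(
            "%-13s %-21s -> %-29s anonymous: %s\n",
            $label,
            $path,
            $rule ? $rule['roles'] : '(no rule)',
            anonymousMayAccess($rules, $path) ? 'allowed' : 'denied'
        );
    }
}
```

With the reversed list, /admin/login is caught by ^/admin first and requires ROLE_USER, so the login page itself is denied to anonymous visitors. Because ^/admin/login is a prefix match it also opens /admin/login-history to anonymous users; ^/admin/login$ limits the rule to the form.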
