3

I can't log in using default symfony login_check path.

I have the following record in the user table inside database:

id | username | password                         | email | isActive | created             | roles
1    test       098f6bcd4621d373cade4e832627b4f6   NULL    1          2015-11-25 23:56:53   ROLE_USER

I have generated entity based on it. Now I have the following login form:

<form action="{{path('login_check')}}" method="post">
     <input type="hidden" name="_csrf_token" value="{{ csrf_token('authenticate') }}">
     <input type="text" class="form-control" name="login" placeholder="Username">
     <input type="password" class="form-control" name="password" placeholder="Password">
     <input type="submit" class="form-control">
</form>

The security file:

security:
    encoders:
        AppBundle\Entity\Users:
            id: custom.encoder

    providers:
        esaver_users:
            entity:
                class: AppBundle\Entity\User

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        admin_area:
            pattern: ^/
            http_basic: ~

            form_login:
                csrf_provider: form.csrf_provider
                csrf_parameter: _csrf_token
                provider: esaver_users
                check_path: /login_check
                login_path: /
                default_target_path: /
                always_use_default_target_path: true
                username_parameter: login
                password_parameter: password
            logout:
                path:   logout
                target: login

            anonymous: ~

#        default:
#            anonymous: ~

    access_control:
        - { path: ^/$, role: IS_AUTHENTICATED_ANONYMOUSLY}
        - { path: ^/test$, role: ROLE_USER }

Ok, so I created /test route with die() function in it to see if it works, but it does not - when I access this route I get redirected back to the main page.

What is wrong?

user99999
  • 1,994
  • 5
  • 24
  • 45

1 Answers1

0

with your code I was getting too many redirects: ERR_TOO_MANY_REDIRECTS

you need to specify property for your encoder ... and also specify role_hierarchy ... and correctly paths/form paths

security:
    encoders:
        AppBundle\Entity\Users:
            id: custom.encoder

    role_hierarchy:
        ROLE_USER:       ROLE_VIEWER
        ROLE_ADMIN:       ROLE_USER

    providers:
        esaver_users:
            entity:
                class: AppBundle\Entity\User
                property: username

    firewalls:
        dev:
            pattern:  ^/(_(profiler|wdt)|css|images|js)/*
            security: false
        main:
            pattern: ^/
            http_basic: ~
            form_login:
                provider: esaver_users
                login_path: /login
                check_path: /login_check
                csrf_provider: form.csrf_provider
                csrf_parameter: _csrf_token
                default_target_path: /
                always_use_default_target_path: true
                username_parameter: login
                password_parameter: password
                use_referer: true
            logout:
                path: /logout
                target: /login
            security: true
            anonymous: true

    access_control:
        - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/test, roles: [ROLE_USER] }
pooler
  • 327
  • 3
  • 12
  • There's still something wrong with it. The only query executed on the database during login is selecting all from user table by username. And it does not log in. – user99999 Nov 26 '15 at 22:00
  • you must specify it ... this one query .. has parameter NONE_PROVIDED ? which version of SYMFONY did you use ? did your USER implements SF UserInterface ? – pooler Nov 27 '15 at 08:28
  • in SYMFONY: DaoAuthenticationProvider extends UserAuthenticationProvider ... debug functions .. to see if you are even getting username ... or where it fails – pooler Nov 27 '15 at 08:36