0

Hopefully you can help me. I have some problems trying to login using symfony2. Basically, i have a 302 error in login_check.

I come from this url.

Symfony2 Authentication "login_check" path not found

I thought it was my solution but it is not. The configuration looks like good. I tried to remove all the access_control and still the same problem although i have access to /panel. Anyone can bring up more ideas about what is going on?

Thanks

firewalls:
    main:
        pattern: ^/
        form_login:
            provider: fos_userbundle
            csrf_provider: form.csrf_provider
            always_use_default_target_path: true
            default_target_path: /user
            # login_path: /register
        logout:       true
        anonymous:    true
        remember_me:
             key:      "%secret%"
             lifetime: 31536000 # 365 days in seconds
             always_remember_me: true
             path:     /
             domain:   ~ # Defaults to the current domain from $_SERVER

access_control:
    - { path: ^/login$, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/register, role: IS_AUTHENTICATED_ANONYMOUSLY }
    - { path: ^/panel/, role: ROLE_USER }
    - { path: ^/admin/, role: ROLE_ADMIN }

EXTRA INFORMATION

  • I am using FOSUserBundle

  • debug:route

    fos_user_security_login GET|POST ANY ANY /login

    fos_user_security_check POST ANY ANY /login_check

  • loginAction

class SecurityController extends Controller { public function loginAction(Request $request) {

    /** @var $session \Symfony\Component\HttpFoundation\Session\Session */
    $session = $request->getSession();

    if (class_exists('\Symfony\Component\Security\Core\Security')) {
        $authErrorKey = Security::AUTHENTICATION_ERROR;
        $lastUsernameKey = Security::LAST_USERNAME;
    } else {
        // BC for SF < 2.6
        $authErrorKey = SecurityContextInterface::AUTHENTICATION_ERROR;
        $lastUsernameKey = SecurityContextInterface::LAST_USERNAME;
    }

    // get the error if any (works with forward and redirect -- see below)
    if ($request->attributes->has($authErrorKey)) {
        $error = $request->attributes->get($authErrorKey);
    } elseif (null !== $session && $session->has($authErrorKey)) {
        $error = $session->get($authErrorKey);
        $session->remove($authErrorKey);
    } else {
        $error = null;
    }

    if (!$error instanceof AuthenticationException) {
        $error = null; // The value does not come from the security component.
    }

    // last username entered by the user
    $lastUsername = (null === $session) ? '' : $session->get($lastUsernameKey);

    if ($this->has('security.csrf.token_manager')) {
        $csrfToken = $this->get('security.csrf.token_manager')->getToken('authenticate')->getValue();
    } else {
        // BC for SF < 2.4
        $csrfToken = $this->has('form.csrf_provider')
            ? $this->get('form.csrf_provider')->generateCsrfToken('authenticate')
            : null;
    }

    return $this->renderLogin(array(
        'last_username' => $lastUsername,
        'error' => $error,
        'csrf_token' => $csrfToken,
    ));
}

/**
 * Renders the login template with the given parameters. Overwrite this function in
 * an extended controller to provide additional data for the login template.
 *
 * @param array $data
 *
 * @return \Symfony\Component\HttpFoundation\Response
 */
protected function renderLogin(array $data)
{
    return $this->render('FOSUserBundle:Security:login.html.twig', $data);
}

public function checkAction()
{
    throw new \RuntimeException('You must configure the check path to be handled by the firewall using form_login in your security firewall configuration.');
}

public function logoutAction()
{
    throw new \RuntimeException('You must activate the logout in your security firewall configuration.');
}

}

FORM

<form action="{{ path("fos_user_security_check") }}" method="post">
            {% if error %}
                <div class="text-danger">{{ error.messageKey|trans(error.messageData, 'security') }}</div>
            {% endif %}
            <input type="hidden" name="_csrf_token" value="{{ csrf_token }}"/>

             <h3 style="margin-bottom: 70px;"><strong>Sign in</strong></h3>

              <h4>Email<input placeholder="email or username" name="_username"
                value="{{ last_username }}"
                required="required" type="text" id="username"></h4>
               <h4>Password<input id="password" name="_password" type="password" required="required"></h4>
                <a href=""><button class="btn-aurovine" id="_submit" name="_submit" value="{{ 'security.login.submit'|trans }}">Sign in</button></a>
                <p style="color:#4d4d4d; font-size: 15px;margin-top: 10px;">forgot password? <a href="{{ path('fos_user_resetting_request') }}">Click here.</a></p> 

               <div style="width: 70%; margin: 0 auto;">
                <div style="min-width:100%;height: 20px; border-bottom: 1px solid #595959;text-align: center;">
                   <span style="font-size: 20px; background-color:white;margin-top:10px;padding: 0px 20px;">
                   <strong>OR</strong></span>
                </div>
               </div>

              <a href="{{ path('fos_user_registration_register') }}"><button type="button" class="btn btn-add btn-full btn-sm btn-responsive btn-aurovine"  style="margin-bottom: 20px;">SIGN UP</button></a>
        </form>

19/11/18 NOTE

I came across with this link although it is the version 4.6 and i dont know how to check if this is my problem or not

https://symfony.com/doc/current/security/user_provider.html

Check "Understanding how Users are Refreshed from the Session"

Zenit
  • 429
  • 1
  • 8
  • 20

0 Answers0