我的Symfony版本是:3.0.6
我在认证的几个小时内打架 . 我有登录名和密码的表格 .
我的security.yml看起来:
security:
encoders:
MainListBundle\Entity\User:
algorithm: bcrypt
providers:
default:
entity:
class: MainListBundle:User
property: username
firewalls:
dev:
pattern: ^/(_(profiler|wdt)|css|images|js)/
security: false
my_app:
pattern: ^/
anonymous: ~
form_login:
login_path: /login
check_path: /login_check
default_target_path: main_list_homepage
logout:
path: /logout
target: main_list_login
如果数据库中不存在用户名,表单可以显示我 . 但是,如果我输入一些密码(也是错误的)我在“check_path”URL上有无限循环 .
登录表单上的字段是正确的:_username和_password . 表单“action”与安全性中的“check_path”相同 .
我做错了什么......这很奇怪,因为一切都像教程一样 .
控制器:
<?php
namespace MainListBundle\Controller;
use Symfony\Bundle\FrameworkBundle\Controller\Controller;
use Symfony\Component\Security\Core\Security;
use Symfony\Component\HttpFoundation\Request;
use Symfony\Component\HttpFoundation\Session\Session;
class LoginController extends Controller
{
public function indexAction(Request $Request)
{
$auth = $this->get('security.authentication_utils');
$error = $auth->getLastAuthenticationError();
$username = $auth->getLastUserName();
return $this->render('MainListBundle:Login:login.html.twig', array(
'loginError' => $error,
'username' => $username
));
}
使用routing.yml
main_list_sort:
path: /MainList/sort/{field}
defaults: { _controller: MainListBundle:Default:sort }
main_list_search:
path: /MainList/search
defaults: { _controller: MainListBundle:Default:search }
main_list_clear_search:
path: /MainList/clearSearch
defaults: { _controller: MainListBundle:Default:clearSearch }
main_list_pdfGenerateRecordsList:
path: /MainList/pdfGenerateRecordsList
defaults: { _controller: MainListBundle:Default:pdfGenerateRecordsList }
main_list_homepage:
path: /MainList/{page}
defaults: { _controller: MainListBundle:Default:index, page: 1 }
main_list_login:
path: /login
defaults: { _controller: MainListBundle:Login:index }
main_list_login_check:
path: /login_check
main_list_logout:
path: /logout
defaults: { _controller: MainListBundle:Login:logout }
main_list_add_users:
path: /addusers
defaults: { _controller: MainListBundle:Login:addUsers }
表格视图:
{% extends "::base.html.twig" %}
{% block menu %}{% endblock %}
{% block content %}
<center>
{% if loginError is defined and loginError is not null %}
<div class="alert alert-danger">{{ loginError.messageKey }}</div>
{% endif %}
<form action="{{ path('main_list_login_check') }}" method="POST">
<table style="width: 600px">
<tr>
<td>Login:</td>
<td>
<input type="text" name="_username" value="{{ username }}"/>
</td>
</tr>
<tr>
<td>Password:</td>
<td>
<input type="password" name="_password" value=""/>
</td>
</tr>
<tr>
<td></td>
<td>
<input type="submit" value="Zaloguj"/>
</td>
</tr>
</table>
</form>
</center>
{% endblock %}
1 回答
正如Symphony documentation所说:
你应该为你的
access_control
添加下一条规则:并且不要忘记在
form_login
和access_control
之前添加anonymous: ~
.查看文档以获取更多信息 .
BR