Symfony2已登录但未通过身份验证

Question

我正在Symfony 2.6上进行身份验证系统。 注册过程起作用。当我尝试登录时，我已登录并拥有“ROLE_USER”，但分析器说我没有通过身份验证。我不明白发生了什么事。 下面是用户实体：

<?php 

namespace AppBundle\Entity; 

use Doctrine\ORM\Mapping as ORM; 
use Symfony\Component\Validator\Constraints as Assert; 
use Symfony\Bridge\Doctrine\Validator\Constraints\UniqueEntity; 
use Symfony\Component\Security\Core\User\UserInterface; 

/** 
* User 
* 
* @ORM\Table(name="baseuser") 
* @ORM\Entity(repositoryClass="AppBundle\Repository\UserRepository") 
* @UniqueEntity("email", message="error.user.email.taken") 
*/ 
class User implements UserInterface, \Serializable 
{ 
/** 
* @var integer 
* 
* @ORM\Column(name="id", type="integer") 
* @ORM\Id 
* @ORM\GeneratedValue(strategy="AUTO") 
*/ 
private $id; 

/** 
* @var string 
* 
* @ORM\Column(name="email", type="string", length=255, unique=true) 
*/ 
private $email; 

/** 
* @var string 
* 
* @ORM\Column(name="username", type="string", length=70, nullable=true) 
*/ 
private $username; 

/** 
* @var string 
* 
* @ORM\Column(name="password", type="string", length=128) 
* @Assert\Length(max = 4096) 
*/ 
private $password; 

/** 
* @var string 
* 
* @ORM\Column(name="salt", type="string", length=64) 
*/ 
private $salt; 

/** 
* @var string 
* 
* @ORM\Column(name="picture", type="string", length=100, nullable=true) 
*/ 
private $picture; 

/** 
* @var string 
* 
* @ORM\Column(name="address", type="string", length=100, nullable=true) 
*/ 
private $address; 

/** 
* @var string 
* 
* @ORM\Column(name="zipcode", type="string", length=10, nullable=true) 
*/ 
private $zipcode; 

/** 
* @var string 
* 
* @ORM\Column(name="city", type="string", length=50, nullable=true) 
*/ 
private $city; 

/** 
* @var integer 
* 
* @ORM\Column(name="country", type="integer", nullable=true) 
*/ 
private $country; 

/** 
* @var \DateTime 
* 
* @ORM\Column(name="birthdate", type="date", nullable=true) 
*/ 
private $birthdate; 

/** 
* @var string 
* 
* @ORM\Column(name="occupation", type="string", length=50, nullable=true) 
*/ 
private $occupation; 

/** 
* @var string 
* 
* @ORM\Column(name="about", type="text", nullable=true) 
*/ 
private $about; 

/** 
* @var string 
* 
* @ORM\Column(name="token", type="string", length=15, unique=true) 
*/ 
private $token; 

/** 
* @var boolean 
* 
* @ORM\Column(name="is_active", type="boolean") 
*/ 
private $isActive; 

/** 
* @var boolean 
* 
* @ORM\Column(name="roles", type="integer") 
*/ 
private $roles; 

/** 
* @var \DateTime 
* 
* @ORM\Column(name="created_at", type="datetime") 
*/ 
private $createdAt; 

/** 
* @var \DateTime 
* 
* @ORM\Column(name="updated_at", type="datetime") 
*/ 
private $updatedAt; 

public function __construct() 
{ 
    $datetime = new \DateTime(); 
    $this->createdAt = $datetime; 
    $this->updatedAt = $datetime; 
    $this->token  = base_convert(time(), 10, 36).\AppBundle\Library\StringHelper::randomString(5, "lower"); 
    $this->salt  = \AppBundle\Library\StringHelper::randomString(); 
    $this->isActive = true; 
    $this->roles  = 1; 
} 

/** 
* @inheritDoc 
*/ 
public function eraseCredentials() 
{ 
} 

/** 
* Return the roles 
* 
*/ 
public function getRoles() { 
    switch ($this->roles) { 
     case 1: 
      $role = 'ROLE_USER'; 
      break; 

     case 2: 
      $role = 'ROLE_ADMIN'; 
      break; 

     case 3: 
      $role = 'ROLE_SUPER_ADMIN'; 
      break; 

     default: 
      $role = 'ROLE_USER'; 
      break; 
    } 

    return array($role); 
} 

/** 
* Set the roles 
* 
* @param $roles 
*/ 
public function setRoles($roles) { 
    $this->roles = $roles; 
    return $this; 
} 

/** 
* @see \Serializable::serialize() 
*/ 
public function serialize() 
{ 
    return serialize(array(
     $this->id, 
     $this->email, 
     $this->password 
    )); 
} 

/** 
* @see \Serializable::unserialize() 
*/ 
public function unserialize($serialized) 
{ 
    list (
     $this->id, 
     $this->email, 
     $this->password, 
    ) = unserialize($serialized); 
} 
} 

这里是我的security.yml：

security: 
    encoders: 
     AppBundle\Entity\User: 
      algorithm: bcrypt 
      cost:  15 

    role_hierarchy: 
     ROLE_ADMIN:  ROLE_USER 
     ROLE_SUPER_ADMIN: [ ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ] 

    providers: 
     administrators: 
      entity: { class: AppBundle:User, property: email } 

    firewalls: 
     main: 
      pattern: ^/ 
      anonymous: ~ 
      form_login: ~ 
      logout: ~ 

    access_control: 
     - { path: ^/admin, roles: ROLE_ADMIN } 

我不知道是什么问题，什么想法？

问候

Answer 1

那么我终于明白了。 首先，你需要一个用户名，它不能为空。所以我改变了我的方法getUsername（），所以它返回的电子邮件地址。 然后，我改变了我的security.yml看起来像这样：

security: 
    encoders: 
     AppBundle\Entity\User: 
      algorithm: bcrypt 
      cost: 13 

    role_hierarchy: 
     ROLE_ADMIN:  ROLE_USER 
     ROLE_SUPER_ADMIN: [ ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH ] 

    providers: 
     users: 
      entity: { class: AppBundle:User, property: email } 

    firewalls: 
     dev: 
      pattern: ^/(_(profiler|wdt)|css|images|js)/ 
      security: false 

     default: 
      pattern: ^/ 
      anonymous: ~ 
      form_login: ~ 
      logout: ~ 

    access_control: 
     - { path: ^/admin, roles: ROLE_ADMIN } 
     - { path: ^/, roles: IS_AUTHENTICATED_ANONYMOUSLY } 

Answer 2

是的，你从你的security.yml删除dev防火墙：

dev: 
    pattern: ^/(_(profiler|wdt|error)|css|images|js)/ 
    security: false 

确保你的任何其他防火墙之前插入...

查看原始security.yml

Answer 3

类用户必须实现EquatableInterface和实现方法如下：

public function isEqualTo(UserInterface $user) 
{ 
    return $this->id === $user->getId(); 
} 

Answer 4

我有同样的症状，这是因为我正在尝试没有ROLE的用户。

如果他至少有一个角色，分析器似乎认为用户已通过身份验证。

下面是它在探查细节说：

用户没有可能验证，因为他们没有作用。

即使他有IS_AUTHENTICATED_FULLY和/或IS_AUTHENTICATED_REMEMBERED的伪角色。