管理 Symfony BadCredentialsException 代码 [英] Managing Symfony BadCredentialsException codes

问题描述

我的 symfony 项目中有一个登录表单(我是 symfony 的品牌菜鸟)，我想根据我得到的错误做出不同的反应.

I have a login form in my symfony project (I'm a brand noob in symfony), and I want to react differently depending on the error I get.

我阅读了 BadCredentialsException 及其父类 AuthenticationException，但是没有找到任何关于错误代码的信息，每当我用 Twig 转储 getLastAuthenticationError() 时我都会得到:

I read the documentation of BadCredentialsException and its parent class AuthenticationException, but didn't find anything about the code of the error, which I get whenever I dump getLastAuthenticationError() with Twig :

BadCredentialsException {#93 ▼
  -token: UsernamePasswordToken {#92 ▶}
  #message: "Bad credentials."
  #code: 0
  #file: "C:\pathToProject\vendor\symfony\symfony\src\Symfony\Component\Security\Core\Authentication\Provider\UserAuthenticationProvider.php ◀"
  #line: 90
  -trace: {▶}
}

到目前为止，我总是有 0 代码.

So far I always have the 0 code.

还有其他代码吗?我在哪里可以在文档中找到它们?

Is there any other codes ? Where can I find them in the doc ?

此外，无论密码错误还是用户不存在，似乎都会发生此异常.有什么办法可以区分这两个事件吗?

Also, this exception seems to happen whether the password is bad or the user does not exist. Is there any way to differentiate these 2 events ?

推荐答案

我知道没有与 Symfony/Security 组件中的 Exception 相关联的代码.请注意，这不是(还?)在异常中设置代码的常见做法.您宁愿在 catch(Exception $e) 语句中使用 TypeHinting 检查 Exception 的类型.或者使用 instanceof 运算符.

There are no codes I'm aware of associated with Exception in the Symfony/Security component. Note that is not (yet?) a common practice to set up code within an Exception. You rather check the type of Exception using TypeHinting in the catch(Exception $e) statement. Or by using the instanceof operator.

如果凭据无效且未找到用户，则抛出 BadCredentialsException.但是，您可以重新配置 UserAuthenticationProvider 以不隐藏"它.

The BadCredentialsException is thrown if the credentials are invalid AND if the User is not found. However, you can reconfigure the UserAuthenticationProvider to do not "hide" it.

检查UserAuthenticationProvider.php，构造函数中有一个选项.

Check UserAuthenticationProvider.php, there is an option in the constructor.

您可以在 security.yml 中进行设置:

You can set it up in your security.yml:

security:
   hide_user_not_found: false

根据您的用例，您可能还想编写自己的 AuthenticationProviderInterface 实现.

Depending on your use case, you may also want to write your own implementation of the AuthenticationProviderInterface.

这篇关于管理 Symfony BadCredentialsException 代码的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！