使用用户实体的Symfony 4基本HTTP身份验证 [英] Symfony 4 basic http authentication using user entity

问题描述

首先，我尝试使用in_memory提供程序的简单方法，如本文档中所示: https: //symfony.com/doc/current/security.html ，并且对我来说效果很好，然后我继续本教程:

First of all i tryed the simple way with the in_memory provder like in this documentation: https://symfony.com/doc/current/security.html and it worked for me well, then i continued with this tutorial: https://symfony.com/doc/current/security/entity_provider.html and ended up in an endless loop of browser http basic user data request.

这是我的代码，也许有人可以找到缺少的小分号:D

This is my code, maybe someone can find the tiny missing semicolon :D

URL: https://gitlab.com/AceVik/ajoli

餐具文件. security.yml

Neccessery files. security.yml

security:
# https://symfony.com/doc/current/security.html#where-do-users-come-from-user-providers
providers:
    our_db_provider:
         entity:
            class: App\Entity\User
    #        property: username
    #in_memory:
    #    memory:
    #        users:
    #            admin:
    #                password: admin
    #                roles: 'ROLE_ADMIN'
firewalls:
    #secured_area:
    #    logout:
    #        path: /logout
    #        target: /
    dev:
        pattern: ^/(_(profiler|wdt)|css|images|js)/
        security: false
    main:
    #    pattern:    ^/
        http_basic: ~
        provider: our_db_provider
   #     provider: in_memory
encoders:
    App\Entity\User: plaintext
    #    algorithm: bcrypt
    #    cost: 12
    #Symfony\Component\Security\Core\User\User: plaintext

role_hierarchy:
    ROLE_ADMIN:       ROLE_USER
    ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]

# Easy way to control access for large sections of your site
# Note: Only the *first* access control that matches will be used
access_control:
     - { path: ^/admin, roles: ROLE_ADMIN }
     - { path: ^/profile, roles: ROLE_USER }

User.php

<?php

declare(strict_types=1);

namespace App\Entity;

use Doctrine\ORM\Mapping as ORM;
use Symfony\Component\Security\Core\User\UserInterface;

/**
 * @ORM\Table(name="users")
 * @ORM\Entity(repositoryClass="App\Repository\UserRepository")
 */
class User implements UserInterface, \Serializable
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true)
     */
    private $username;

    /**
     * @ORM\Column(type="string", length=64)
     */
    private $password;

    /**
     * @ORM\Column(type="string", length=254, unique=true)
     */
    private $email;

    /**
     * @ORM\Column(name="is_active", type="boolean")
     */
    private $isActive;

    public function __construct()
    {
        $this->isActive = true;
        // may not be needed, see section on salt below
        // $this->salt = md5(uniqid('', true));
    }

    public function getUsername()
    {
        return $this->username;
    }

    public function setUsername($username) {
        $this->username = $username;
        $this->email = $username . '@example.com';
    }

    public function setPassword($password) {
        $this->password = $password;
    }

    public function getSalt()
    {
        // you *may* need a real salt depending on your encoder
        // see section on salt below
        return null;
    }

    public function getPassword()
    {
        return $this->password;
    }

    public function getRoles()
    {
        return array('ROLE_USER');
    }

    public function eraseCredentials()
    {
    }

    /** @see \Serializable::serialize() */
    public function serialize()
    {
        return serialize(array(
            $this->id,
            $this->username,
            $this->password,
            // see section on salt below
            // $this->salt,
        ));
    }

    /** @see \Serializable::unserialize() */
    public function unserialize($serialized)
    {
        list (
            $this->id,
            $this->username,
            $this->password,
            // see section on salt below
            // $this->salt
            ) = unserialize($serialized, ['allowed_classes' => false]);
    }
}

UserRepository.php

UserRepository.php

<?php

namespace App\Repository;

use App\Entity\User;
use Doctrine\Bundle\DoctrineBundle\Repository\ServiceEntityRepository;
use Doctrine\Common\Persistence\ManagerRegistry;
use Symfony\Bridge\Doctrine\Security\User\UserLoaderInterface;

class UserRepository extends ServiceEntityRepository implements UserLoaderInterface
{
    public function __construct(ManagerRegistry $registry)
    {
        parent::__construct($registry, User::class);
    }

    public function loadUserByUsername($username)
    {
        return $this->createQueryBuilder('u')
            ->where('u.username = :username')
            ->setParameter('username', $username)
            ->getQuery()
            ->getOneOrNullResult();
    }
}

推荐答案

找到解决方案.

我刚刚将Symfony从4.0.9更新到4.0.11，它解决了问题.看来，这是一个Symfony错误: https://symfony.com/blog /symfony-4-0-11-released

I just updates Symfony from 4.0.9 to 4.0.11 and it solved the problem. It seems, it was a Symfony bug: https://symfony.com/blog/symfony-4-0-11-released

现在我在注销时遇到问题:D我试图自行修复它，但是如果有人看到错误，请告诉我.我的gitlab存储库仍是公开的.

Now i have an issue with the logout :D I try to fix it by my self, but if someone see the mistake, tell it me pls. My gitlab repository is still public.

这篇关于使用用户实体的Symfony 4基本HTTP身份验证的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！