Symfony - Guard authentification

Question

I am implementing a login system with guard in my symfony application.

I already setup the system, but i did one mistake, therefore i cant login...

The essentials:

My User Entity implements "AdvancedUserInterface, \Serializable" and it provides email property instead of username property..moreover i changed "getUsername"-function to:

public function getUsername()
{
    return $this->email;
}

security.yml:

# app/config/security.yml
security:
    providers:
        main_db_provider:
            entity:
                class: AppBundle:User
                property: email

    encoders:
        AppBundle\Entity\User:
            algorithm: bcrypt

    firewalls:
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false

        main:
            anonymous: ~
            logout:
                path:   /logout
                target: /
            guard:
                authenticators:
                    - form_authenticator
            provider: main_db_provider

    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_ADMIN }

services.yml:

services:
    form_authenticator:
          class: AppBundle\Security\FormAuthenticator
          arguments: ["@service_container"]

login.html.twig:

<form action="{{ path('login') }}" method="POST">
    <input type="text" name="email">
    <input type="text" name="password">
    <input type="submit" name="submit" value="Submit">
</form>

LoginController(part of it):

/**
 * @Route("/login", name="login")
 */
public function loginAction(Request $request) {

    $authenticationUtils = $this->get('security.authentication_utils');

    $error = $authenticationUtils->getLastAuthenticationError();
    $lastUsername = $authenticationUtils->getLastUsername();

    return $this->render(
        'AppBundle:login:index.html.twig',
        [
            'error' => $error ? $error->getMessage() : NULL,
            'last_username' => $lastUsername
        ]
    );
}

And last my FormAuthentificator:

class FormAuthenticator extends AbstractGuardAuthenticator
{

    private $container;

    /**
     * Default message for authentication failure.
     *
     * @var string
     */
    private $failMessage = 'Invalid credentials';

    /**
     * Creates a new instance of FormAuthenticator
     */
    public function __construct(ContainerInterface $container)
    {
        $this->container = $container;
    }

    /**
     * {@inheritdoc}
     */
    public function getCredentials(Request $request)
    {
        if ($request->getPathInfo() != '/login' || !$request->isMethod('POST')) {
            return;
        }

        return array(
            'email' => $request->request->get('email'),
            'password' => $request->request->get('password'),
        );
    }

    /**
     * {@inheritdoc}
     */
    public function getUser($credentials, UserProviderInterface $userProvider)
    {
        $email = $credentials['email'];

        return $userProvider->loadUserByUsername($email);
    }

    /**
     * {@inheritdoc}
     */
    public function checkCredentials($credentials, UserInterface $user)
    {
        $plainPassword = $credentials['password'];
        $encoder = $this->container->get('security.password_encoder');

        if (!$encoder->isPasswordValid($user, $plainPassword)) {
            throw new CustomUserMessageAuthenticationException($this->failMessage);
        }

        return true;
    }

    /**
     * {@inheritdoc}
     */
    public function onAuthenticationSuccess(Request $request, TokenInterface $token, $providerKey)
    {
        $url = $this->container->get('router')->generate('backend');
        return new RedirectResponse($url);
    }

    /**
     * {@inheritdoc}
     */
    public function onAuthenticationFailure(Request $request, AuthenticationException $exception)
    {
        $request->getSession()->set(Security::AUTHENTICATION_ERROR, $exception);
        $url = $this->container->get('router')->generate('login');
        return new RedirectResponse($url);
    }

    /**
     * {@inheritdoc}
     */
    public function start(Request $request, AuthenticationException $authException = null)
    {
        $url = $this->container->get('router')->generate('login');
        return new RedirectResponse($url);
    }

    /**
     * {@inheritdoc}
     */
    public function supportsRememberMe()
    {
        return false;
    }
}

When i enter my valid credentials, i get:

Invalid credentials:

I also tried with other credentials, but always same error.

Anybody could help me to solve this issue?

Thanks and Greetings!

Your stored password will be hashed so you should compare it against a hashed version of the one passed in through the form. See http://symfony.com/doc/current/components/security/authentication.html#using-password-encoders — qooplmao, Jan 17 '16 at 17:48
hey i corrected the checkCredentials-method, but now i cant login "and" i dont get error. could you help me? — Creative crypter, Jan 17 '16 at 18:58
my login page is just loaded again when i press submit(without displaying error´s) — Creative crypter, Jan 17 '16 at 19:07
Do any pages that are behind your firewall load? It might be just reloading the last page that was requested rather than wanting you to login in again. — qooplmao, Jan 17 '16 at 19:08
no pages behind the firewall can be loaded and the bar at the buttom display´s that i am anonymous — Creative crypter, Jan 17 '16 at 19:11

Symfony - Guard authentification

0 Answers0