I always get the message "Bad credentials" when I try to log in to my Symfony2 application. I built the login following the custom user provider cookbook article at http://symfony.com/doc/current/cookbook/security/custom_provider.html . Please help me figure out where the problem is. Thanks in advance.
security.yml is as follows
# Security configuration: password encoder, role hierarchy, user provider and firewalls.
security:
    encoders:
        # `plaintext` means the stored password is compared without hashing.
        # NOTE(review): Symfony's plaintext encoder presumably merges a non-empty
        # salt into the submitted password as `password{salt}` before comparing;
        # confirm against the installed version, since the provider returns a
        # non-empty salt.
        Zags\UserBundle\Security\User\User: plaintext
    role_hierarchy:
        ROLE_ADMIN: ROLE_USER
        # ROLE_ALLOWED_TO_SWITCH is the role checked for user impersonation;
        # no firewall in this excerpt enables switch_user.
        ROLE_SUPER_ADMIN: [ROLE_USER, ROLE_ADMIN, ROLE_ALLOWED_TO_SWITCH]
    providers:
        # Users are loaded through the service with id zags_user_provider.
        webservice:
            id: zags_user_provider
    firewalls:
        # Profiler, web debug toolbar and static asset paths bypass security entirely.
        dev:
            pattern: ^/(_(profiler|wdt)|css|images|js)/
            security: false
        # The login page itself is matched by its own firewall and allows anonymous access.
        login_firewall:
            pattern: ^/login$
            anonymous: ~
        # Every other URL, including /login_check, is handled by this firewall.
        # No access_control section is shown in this excerpt, so nothing visible
        # here requires an authenticated role.
        secured_area:
            pattern: ^/
            anonymous: ~
            form_login:
                login_path: /login
                check_path: /login_check
I added these lines to routing.yml
# Renders the login form through SecurityController::loginAction.
login:
    pattern: /login
    defaults: { _controller: ZagsUserBundle:Security:login }

# No controller is attached: this path equals form_login.check_path in
# security.yml, so the firewall is presumably expected to intercept the POST
# before routing reaches a controller (confirm against the firewall config).
login_check:
    pattern: /login_check
The User.php class is as follows:
<?php

namespace Zags\UserBundle\Security\User;

use Symfony\Component\Security\Core\User\UserInterface;

/**
 * Plain value object describing one authenticated (or authenticating) user.
 *
 * It only carries the four values it was constructed with and exposes them
 * through the UserInterface accessors; it performs no hashing or validation.
 *
 * NOTE(review): the accompanying security.yml maps this class to the
 * `plaintext` encoder, so getPassword() holds the clear-text password.
 * That is only suitable for a throwaway test setup.
 */
class User implements UserInterface
{
    // Login name; also the only field compared in equals().
    private $username;
    // Stored credential that the configured encoder compares against.
    private $password;
    // Salt handed to the encoder together with the submitted password.
    private $salt;
    // List of role names granted to the user.
    private $roles;

    /**
     * @param string $username login name
     * @param string $password stored credential
     * @param string $salt     salt passed to the password encoder
     * @param array  $roles    role names granted to the user
     */
    public function __construct($username, $password, $salt, array $roles)
    {
        $this->roles = $roles;
        $this->salt = $salt;
        $this->password = $password;
        $this->username = $username;
    }

    /**
     * @return string the login name given at construction
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * @return string the stored credential given at construction
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * NOTE(review): with the `plaintext` encoder a non-empty salt is
     * presumably merged into the submitted password as `password{salt}`
     * before comparison; confirm against the encoder in use.
     *
     * @return string the salt given at construction
     */
    public function getSalt()
    {
        return $this->salt;
    }

    /**
     * @return array the role names given at construction
     */
    public function getRoles()
    {
        return $this->roles;
    }

    /**
     * Intentionally empty: the object keeps no separate temporary secret.
     * The stored password itself is not cleared here.
     */
    public function eraseCredentials()
    {
    }

    /**
     * Two users are treated as the same when their usernames are identical;
     * password, salt and roles are not compared.
     *
     * @param UserInterface $user user to compare with
     *
     * @return bool true when the usernames match exactly
     */
    public function equals(UserInterface $user)
    {
        $sameName = $this->username === $user->getUsername();

        return $sameName;
    }
}
So this is my UserProvider.php class
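<?php

namespace Zags\UserBundle\Security\User;

use Symfony\Component\Security\Core\User\UserProviderInterface;
use Symfony\Component\Security\Core\User\UserInterface;
use Symfony\Component\Security\Core\Exception\UsernameNotFoundException;
use Symfony\Component\Security\Core\Exception\UnsupportedUserException;

/**
 * User provider backed by a single hard-coded record that stands in for a
 * web-service lookup.
 *
 * The credentials embedded below are placeholder test data; a real provider
 * would fetch the record from the remote service instead of keeping a
 * password in source code.
 */
class UserProvider implements UserProviderInterface
{
    /**
     * Returns the User for the requested login name.
     *
     * The record is returned only when its username equals the requested one,
     * so an unknown login name ends in UsernameNotFoundException instead of
     * silently resolving to the stub account.
     *
     * @param string $username login name submitted by the client
     *
     * @return User
     *
     * @throws UsernameNotFoundException when no record matches $username
     */
    public function loadUserByUsername($username)
    {
        // make a call to your webservice here
        // NOTE(review): the accompanying security.yml uses the `plaintext`
        // encoder. With a non-empty salt that encoder presumably compares the
        // stored password against `submitted{salt}`, i.e. "123{123}" here,
        // which would explain a "Bad credentials" result for the password
        // "123". Confirm, then either return an empty salt or store the
        // merged value.
        $userData = array("username" => "latysh", "password" => "123", "salt" => "123", "roles" => array('ROLE_USER'));

        // pretend it returns an array on success, false if there is no user
        if ($userData && $userData['username'] === $username) {
            return new User(
                $userData['username'],
                $userData['password'],
                $userData['salt'],
                $userData['roles']
            );
        }

        throw new UsernameNotFoundException(sprintf('Username "%s" does not exist.', $username));
    }

    /**
     * Reloads the user by looking the username up again.
     *
     * @param UserInterface $user user instance to reload
     *
     * @return User
     *
     * @throws UnsupportedUserException  when $user is not this bundle's User
     * @throws UsernameNotFoundException when the username no longer resolves
     */
    public function refreshUser(UserInterface $user)
    {
        if (!$user instanceof User) {
            throw new UnsupportedUserException(sprintf('Instances of "%s" are not supported.', get_class($user)));
        }

        return $this->loadUserByUsername($user->getUsername());
    }

    /**
     * Tells the security layer which user class this provider handles.
     *
     * @param string $class fully qualified class name
     *
     * @return bool true only for this bundle's User class (exact match)
     */
    public function supportsClass($class)
    {
        return $class === 'Zags\UserBundle\Security\User\User';
    }
}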
and services.yml is as follows
# Class name of the custom user provider, kept as a parameter so it can be overridden.
parameters:
    zags_user_provider.class: Zags\UserBundle\Security\User\UserProvider

# Registers the provider under the service id that security.yml's
# providers.webservice.id refers to.
services:
    zags_user_provider:
        class: "%zags_user_provider.class%"
SecurityController.php
<?php namespace Zags\UserBundle\Controller; use Symfony\Bundle\FrameworkBundle\Controller\Controller; use Symfony\Component\Security\Core\SecurityContext; class SecurityController extends Controller { public function loginAction() { $request = $this->getRequest(); $session = $request->getSession();
and login.html.twig
{# Login form posted to the login_check route.
   The error message is printed through {{ }}, so it is HTML-escaped only
   while Twig autoescaping is left enabled (presumably the default here).
   NOTE(review): no CSRF token field is present and the security.yml shown
   with this template sets no csrf_provider under form_login, so login CSRF
   protection does not appear to be enabled. Confirm. #}
{% if error %}
    <div>{{ error.message }}</div>
{% endif %}

<form action="{{ path('login_check') }}" method="post">
    <label for="username">Username:</label>
    <input type="text" id="username" name="_username" value="{{ last_username }}" />

    <label for="password">Password:</label>
    <input type="password" id="password" name="_password" />

    {# If you want to control the URL the user is redirected to on success (more details below) <input type="hidden" name="_target_path" value="/account" /> #}

    <button type="submit">login</button>
</form>