在Silex注册后自动登录

时间:2016-03-16 18:43:45

标签: php authentication silex

我想在注册后自动登录用户。首先我试过这种方式 https://gist.github.com/simonjodet/3927516。 Bu山雀不起作用。我发现其他人有同样的问题,并在this question找到了解决方法,但它对我不起作用。

这是我的代码,登录过程正常。但注册时不会自动登录。

我的安全配置:

    $app['security.firewalls'] = array(
    'main' => array(
        'pattern' => '^(/user|/logout|/login_check)',   
        'form' => array(
            'login_path' => '/login/',
            'check_path' => '/login_check/',
            'require_previous_session' => false,
            'username_parameter'=> 'form[email]',
            'password_parameter' => 'form[password]'

        ),
        'remember_me' => array(
            'key' => 'adfafasfasdfdasfasdfa',   //whatever random string
            'remember_me_parameter' => 'form[remember]'
        ),
        'logout' => array('logout_path' => '/logout/', 'invalidate_session' => true),
        'users' =>  function(Silex\Application $app){
            return $app['user_manager'];
        }
    )
);

注册时我的UserController.php代码:

if ($signupForm->isValid()) {
       $plainPassword = $data['password'];
      //preparing data to be inserted
      $password = self::encodePassword($data['email'], $plainPassword, $app['security.encoder.digest']);
      //inserting the user
      $userManager->insertUser($data, $password, $app['slugger']);
      //generate a request to login_check       
      $subRequest = \Symfony\Component\HttpFoundation\Request::create(
        '/login_check/',
        'POST',
        array(
            'form[email]' => $data['email'],
            'form[password]' => $plainPassword,
             $app['request']->cookies->all(),
             array(),
             $app['request']->server->all()
        ));
        $app->handle($subRequest, \Symfony\Component\HttpKernel\HttpKernelInterface::MASTER_REQUEST, false);

我正在使用用户电子邮件,因为它应该是用户提供商的'用户名'。 它没有登录,这是Monolog的输出。用户名是“NONE_PROVIDED”,而应该是用户的电子邮件。

    [2016-03-16 19:29:41] myapp.INFO: Matched route "POST_login_". {"route_parameters":{"_controller":"user.controller:login","_route":"POST_login_"},"request_uri":"http://local.mysite.com/login/"} []
[2016-03-16 19:29:41] myapp.INFO: > POST /login/ [] []
[2016-03-16 19:29:41] myapp.INFO: Matched route "POST_login_check_". {"route_parameters":{"_controller":"loginCheck","_route":"POST_login_check_"},"request_uri":"http://localhost/login_check/"} []
[2016-03-16 19:29:41] myapp.INFO: Authentication request failed. {"exception":"[object] (Symfony\\Component\\Security\\Core\\Exception\\BadCredentialsException(code: 0): Bad credentials. at /home/myuser/www/local.mysite.com/vendor/symfony/security/Core/Authentication/Provider/UserAuthenticationProvider.php:73, Symfony\\Component\\Security\\Core\\Exception\\UsernameNotFoundException(code: 0): Username \"NONE_PROVIDED\" does not exist. at /home/myuser/www/local.mysite.com/app/Model/Manager/UserManager.php:58)"} []
[2016-03-16 19:29:41] myapp.DEBUG: Authentication failure, redirect triggered. {"failure_path":"/login/"} []
[2016-03-16 19:29:41] myapp.INFO: < 302 http://localhost/login/ [] []
[2016-03-16 19:29:41] myapp.INFO: < 200 [] []

编辑:

在询问时,我发现可能问题是当我发出自动请求时,我是从'localhost'而不是'local.mysite.com'发送的,如何解决这个问题?

1 个答案:

答案 0 :(得分:5)

我会选择要点而不是重定向,这对我来说似乎很苛刻。

对于新的Symfony Security组件,您需要稍微调整代码。来自SO this answer

<?php
// on your user registration controller...

// create and store an authenticated token
$token = new UsernamePasswordToken(
    $user, 
    $user->getPassword(), 
    'main',                 //key of the firewall you are trying to authenticate 
    $user->getRoles()
);
$app['security.token_storage']->setToken($token);

// _security_main is, again, the key of the firewall
$app['session']->set('_security_main', serialize($token));
$app['session']->save(); // this will be done automatically but it does not hurt to do it explicitly

return $app->redirect('/where-ever-you-want');

我还没有测试过这段代码!

<强>更新 作为参考,Symfony文档有一个很好的例子:How to Simulate Authentication with a Token in a Functional Test

相关问题
最新问题