security.yaml-------------security: encoders: App\Entity\User:

1. security.yaml
2. -------------
3. security:
4.     encoders:
5.         App\Entity\User:
6.             algorithm: bcrypt
7.         Symfony\Component\Security\Core\User\User: plaintext
8.  
9.     # https://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
10.     providers:
11.         # This provider name is one we choose
12.         db_user_provider:
13.             entity:
14.                 class: App\Entity\User
15.                 property: username
16.  
17.         in_memory:
18.             memory:
19.                 users:
20.                     admin:
21.                         password: admin
22.                         roles: 'ROLE_USER'
23.  
24.     firewalls:
25.         #dev:
26.         #    pattern: ^/(_(profiler|wdt)|css|images|js)/
27.         #    security: false
28.         main:
29.             anonymous: ~
30.  
31.             # activate different ways to authenticate
32.             form_login:
33.                 login_path: login
34.                 check_path: login
35.             provider: db_user_provider
36.             # https://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate
37.  
38.             # form_login: ~
39.             # https://symfony.com/doc/current/cookbook/security/form_login_setup.html
40.  
41.     access_control:
42.         - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
43.         - { path: ^/, roles: ROLE_USER }
44.  
45. ---------------------
46. SecurityController.php
47. ---------------------
48. <?php
49.  
50. namespace App\Controller;
51.  
52. use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
53. use Symfony\Bundle\FrameworkBundle\Controller\Controller;
54. use Symfony\Component\HttpFoundation\Request;
55. use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
56.  
57. class SecurityController extends Controller
58. {
59.     /**
60.      * @Route("/login", name="login")
61.      */
62.     public function loginAction(Request $request, AuthenticationUtils $authUtils)
63.     {
64.         // get the login error if there is one
65.         $error = $authUtils->getLastAuthenticationError();
66.  
67.         // last username entered by the user
68.         $lastUsername = $authUtils->getLastUsername();
69.  
70.         return $this->render('security/login.html.twig', array(
71.             'last_username' => $lastUsername,
72.             'error'         => $error,
73.         ));
74.     }
75. }
76.  
77. --------
78. User.php
79. --------
80. <?php
81. namespace App\Entity;
82.  
83. use Doctrine\ORM\Mapping as ORM;
84. use Symfony\Component\Security\Core\User\UserInterface;
85.  
86. /**
87. * @ORM\Table(name="User")
88. * @ORM\Entity(repositoryClass="App\Repository\UserRepository")
89. */
90. class User implements UserInterface, \Serializable
91. {
92.     /**
93. * @ORM\Column(type="integer")
94. * @ORM\Id
95. * @ORM\GeneratedValue(strategy="AUTO")
96. */
97.     private $id;
98.  
99.     /**
100.      * @ORM\Column(type="string", length=25, unique=true)
101.      */
102.     private $username;
103.  
104.     /**
105.      * @ORM\Column(type="string", length=64)
106.      */
107.     private $password;
108.  
109.     /**
110.      * @ORM\Column(type="string", length=60, unique=true)
111.      */
112.     private $email;
113.  
114.     /**
115.      * @ORM\Column(name="is_active", type="boolean")
116.      */
117.     private $isActive;
118.  
119.     public function __construct()
120.     {
121.         $this->isActive = true;
122.         // may not be needed, see section on salt below
123.         // $this->salt = md5(uniqid('', true));
124.     }
125.  
126.     public function getUsername()
127.     {
128.         return $this->username;
129.     }
130.  
131.     public function getSalt()
132.     {
133.         // you *may* need a real salt depending on your encoder
134.         // see section on salt below
135.         return null;
136.     }
137.  
138.     public function getPassword()
139.     {
140.         return $this->password;
141.     }
142.  
143.     public function getRoles()
144.     {
145.         return array('ROLE_USER');
146.     }
147.  
148.     public function eraseCredentials()
149.     {
150.     }
151.  
152.     /** @see \Serializable::serialize() */
153.     public function serialize()
154.     {
155.         return serialize(array(
156.             $this->id,
157.             $this->username,
158.             $this->password,
159.             // see section on salt below
160.             // $this->salt,
161.         ));
162.     }
163.  
164.     /** @see \Serializable::unserialize() */
165.     public function unserialize($serialized)
166.     {
167.         list (
168.             $this->id,
169.             $this->username,
170.             $this->password,
171.             // see section on salt below
172.             // $this->salt
173.             ) = unserialize($serialized);
174.     }
175. }
176.  
177.  
178. ----------------------
179. security/login.html.twig
180. -----------------------
181. {% extends 'base.html.twig' %}
182.  
183. {% block content %}
184.     {% if error %}
185.         <div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
186.     {% endif %}
187.  
188.     <form action="{{ path('login') }}" method="post">
189.         <label for="username">Username:</label>
190.         <input type="text" id="username" name="_username" value="{{ last_username }}" />
191.  
192.         <label for="password">Password:</label>
193.         <input type="password" id="password" name="_password" />
194.  
195.         {#
196.            If you want to control the URL the user
197.             is redirected to on success (more details below)
198.             <input type="hidden" name="_target_path" value="/account" />
199.         #}
200.  
201.         <button type="submit">login</button>
202.     </form>
203. {% endblock %}