- security.yaml
- -------------
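# NOTE(review): the pasted listing had lost its indentation; the nesting below is
# reconstructed from the key names and should be checked against the real file.
security:
    encoders:
        # Database users: passwords are stored as bcrypt hashes.
        App\Entity\User:
            algorithm: bcrypt
        # NOTE(review): "plaintext" means passwords of the built-in in-memory User
        # class are kept and compared in clear text. Acceptable only for throwaway
        # local setups; drop this encoder together with the in_memory provider, or
        # switch it to a hashing algorithm.
        Symfony\Component\Security\Core\User\User: plaintext

    # https://symfony.com/doc/current/book/security.html#where-do-users-come-from-user-providers
    providers:
        # This provider name is one we choose
        db_user_provider:
            entity:
                class: App\Entity\User
                property: username
        # NOTE(review): hard-coded account with a default password committed in the
        # config. form_login below points at db_user_provider, so this provider looks
        # unused by the login form; remove it rather than leave a known credential in
        # the file. Despite the name, the account only carries ROLE_USER.
        in_memory:
            memory:
                users:
                    admin:
                        password: admin
                        roles: 'ROLE_USER'

    firewalls:
        #dev:
        #    pattern: ^/(_(profiler|wdt)|css|images|js)/
        #    security: false
        main:
            anonymous: ~
            # activate different ways to authenticate
            form_login:
                login_path: login
                check_path: login
                # NOTE(review): could equally have been a firewall-level "provider"
                # key in the original; the flattened paste does not show which.
                provider: db_user_provider
            # https://symfony.com/doc/current/book/security.html#a-configuring-how-your-users-will-authenticate
            # form_login: ~
            # https://symfony.com/doc/current/cookbook/security/form_login_setup.html

    # Rules are matched top to bottom and the first match wins, so the login rule
    # must stay above the catch-all. "^/login" is a prefix match: any path that
    # starts with /login is reachable anonymously; use "^/login$" if only the
    # exact path should be public.
    access_control:
        - { path: ^/login, roles: IS_AUTHENTICATED_ANONYMOUSLY }
        - { path: ^/, roles: ROLE_USER }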
- ---------------------
- SecurityController.php
- ---------------------
- <?php
- namespace App\Controller;
- use Sensio\Bundle\FrameworkExtraBundle\Configuration\Route;
- use Symfony\Bundle\FrameworkBundle\Controller\Controller;
- use Symfony\Component\HttpFoundation\Request;
- use Symfony\Component\Security\Http\Authentication\AuthenticationUtils;
class SecurityController extends Controller
{
    /**
     * Displays the login form.
     *
     * The action only renders the template: it reads the last authentication
     * error and the last submitted username from AuthenticationUtils and hands
     * both to the view. It performs no credential check itself. $request is
     * accepted but not used in the body.
     *
     * @Route("/login", name="login")
     */
    public function loginAction(Request $request, AuthenticationUtils $authUtils)
    {
        // Fetch the error first, then the username, exactly as the form expects them.
        $authError = $authUtils->getLastAuthenticationError();
        $previousUsername = $authUtils->getLastUsername();

        $viewData = [
            'last_username' => $previousUsername,
            'error' => $authError,
        ];

        return $this->render('security/login.html.twig', $viewData);
    }
}
- --------
- User.php
- --------
- <?php
- namespace App\Entity;
- use Doctrine\ORM\Mapping as ORM;
- use Symfony\Component\Security\Core\User\UserInterface;
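/**
 * Application user entity, used as the security user for the entity provider.
 *
 * Implements \Serializable so that only id, username and password are written
 * when the object is serialized (see serialize()/unserialize()).
 *
 * @ORM\Table(name="User")
 * @ORM\Entity(repositoryClass="App\Repository\UserRepository")
 */
class User implements UserInterface, \Serializable
{
    /**
     * @ORM\Column(type="integer")
     * @ORM\Id
     * @ORM\GeneratedValue(strategy="AUTO")
     */
    private $id;

    /**
     * @ORM\Column(type="string", length=25, unique=true)
     */
    private $username;

    /**
     * Expected to hold the encoded password (bcrypt per security.yaml), never the
     * clear-text value. A bcrypt hash is 60 characters, so it fits the column.
     *
     * @ORM\Column(type="string", length=64)
     */
    private $password;

    /**
     * @ORM\Column(type="string", length=60, unique=true)
     */
    private $email;

    /**
     * NOTE(review): the flag is set in the constructor but nothing in this class
     * reads it, and the class implements plain UserInterface. Disabling an account
     * presumably needs AdvancedUserInterface or a user checker; confirm.
     *
     * @ORM\Column(name="is_active", type="boolean")
     */
    private $isActive;

    /**
     * New accounts start out active.
     */
    public function __construct()
    {
        $this->isActive = true;
        // No per-user salt is generated: bcrypt embeds its own random salt in the
        // hash. If a legacy encoder ever needs one, derive it from random_bytes(),
        // not from md5(uniqid()), which is predictable.
    }

    /**
     * @return string|null the login name
     */
    public function getUsername()
    {
        return $this->username;
    }

    /**
     * @return null always null, because bcrypt does not use an external salt
     */
    public function getSalt()
    {
        return null;
    }

    /**
     * @return string|null the stored (encoded) password
     */
    public function getPassword()
    {
        return $this->password;
    }

    /**
     * Every user gets the same single role; roles are not persisted.
     *
     * @return string[]
     */
    public function getRoles()
    {
        return ['ROLE_USER'];
    }

    /**
     * Nothing to erase: the entity keeps no clear-text credential.
     */
    public function eraseCredentials()
    {
    }

    /**
     * Serializes only id, username and password.
     *
     * The password hash is part of the payload, presumably so the framework can
     * notice a credential change when the user is reloaded; confirm before
     * removing it.
     *
     * @see \Serializable::serialize()
     */
    public function serialize()
    {
        return serialize([
            $this->id,
            $this->username,
            $this->password,
        ]);
    }

    /**
     * Restores the three fields written by serialize().
     *
     * @param string $serialized payload produced by serialize()
     *
     * @see \Serializable::unserialize()
     */
    public function unserialize($serialized)
    {
        // The payload is an array of scalars, so object instantiation is disabled.
        // This blocks PHP object injection if the serialized data is ever tampered
        // with. The options argument requires PHP 7.0 or later.
        list(
            $this->id,
            $this->username,
            $this->password
        ) = unserialize($serialized, ['allowed_classes' => false]);
    }
}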
- ----------------------
- security/login.html.twig
- -----------------------
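{% extends 'base.html.twig' %}

{% block content %}
    {# "error" is the last authentication error passed in by the login action, if any.
       Only the translated message key is shown, not the raw exception message. #}
    {% if error %}
        <div>{{ error.messageKey|trans(error.messageData, 'security') }}</div>
    {% endif %}

    {#
        NOTE(review): form_login in security.yaml sets no csrf_token_generator, so
        this form is submitted without a CSRF token. To protect the login request,
        set "csrf_token_generator: security.csrf.token_manager" under form_login and
        add a hidden "_csrf_token" field whose value is csrf_token('authenticate').
    #}
    <form action="{{ path('login') }}" method="post">
        <label for="username">Username:</label>
        {# last_username is user-supplied; it is safe here only through Twig's
           auto-escaping, so do not mark it |raw or disable autoescape. #}
        <input type="text" id="username" name="_username" value="{{ last_username }}" />

        <label for="password">Password:</label>
        <input type="password" id="password" name="_password" />

        {#
            If you want to control the URL the user
            is redirected to on success (more details below)
            <input type="hidden" name="_target_path" value="/account" />
            The field is sent by the browser, so treat its value as user-controlled.
        #}

        <button type="submit">login</button>
    </form>
{% endblock %}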